Deputy Cyber Incident Response Team ManagerBusinesses Raytheon Intelligence & Space Clearance type Top Secret - Current Relocation eligible No Ability to Telecommute Temporary telecommuting - during COVID-19 Job ID 178572BR Most Recent Date Posted 04/20/2021 City Arlington State VA Country United States
The Deputy Mission Operation Environment Cyber Incident Response Team (MOE-CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for SOC and Incident Response staff members. He or she will help coordinate the daily activities of MOE-CIRT staff; orient, train, and mentor staff; monitor incident management queues; address client escalation issues; and interface with clients as needed. The MOE-CIRT Deputy Manager is expected to be detail and process oriented and accountable for the overall success of the Mission Operations Environment.
Responsibilities also include:
- Report to MOE-CIRT Team Lead in the management of up to 30 watch-standers
- Have technical knowledge and the ability to provide senior analytics
- Knowledge of Incident Response
- Project Management
- Communicate policies, expectations, and feedback to MOE-CIRT staff
- Facilitate a high-performance team environment and employee engagement
- Provide performance feedback and corrective action to direct staff
- Lead activities of MOE-CIRT staff to diagnose and resolve client problems
- Field escalated customer issues and resolve or refer to specialized experts as needed
- Guide and coordinate projects requiring scheduling
- Monitor and report the status of tickets and tasks assigned to the MOE-CIRT and ensuring items are coordinated, logged, tracked, and resolved appropriately.
- Provide input on process improvements and contribute to the technology road map for the strategic plan.
- Perform metrics trend analysis and reporting; guide resultant process improvement.
- Contribute to the development, communication and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
- Provide guidance and training; may guide other staff
- Evaluate and provide input regarding employee performance
- Conduct one on ones with staff to address training needs, set expectations, and facilitate a 2-way dialogue regarding the employee experience
- Other duties as assigned and required.
- This position requires an active Top Secret security clearance with SCI eligibility.
- Must be able to obtain DHS suitability prior to starting employment.
- Candidate must be able to travel quarterly to Pensacola for training, coordination, etc.
- Efficient delegation and task prioritization
- Ability to interview and select employees in accordance with company guidelines and EEOC commitments
- Ability to coordinate and facilitate staff training on a technical level
- Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed
- Ability to manage and resolve conflicts as they arise
- Hands-on experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks and one or more of the following:
- Experience in computer intrusion analysis and incident response
- Experience with Intrusion detection
- Computer network surveillance/monitoring
- Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
- Experience in computer evidence seizure, computer forensic analysis, and data recovery
- Computer network forensics
- System log analysis
- Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
- Current experience with cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
- Demonstrated ability to document processes
- The ability to respond to crises objectively
- Proficiency with MS Office Applications
- Must be able to work collaboratively across agencies and physical locations
- Experience supporting DHS, Federal Civil, Intelligence and/or DoD Customers
- Computer Forensics experience
- Malware reverse engineering experience
- Experience with Risk and Opportunity management
- Scripting experience (python, perl etc…)
- Experience with process development and deployment
- Excellent writing skills
- Prior experience with data visualization products such as Analyst Notebook is desired.
- Prior experience with Splunk
- Prior experience working in AWS and Azure
- Prior experience working in one of the following highly desired:
- Security Operations Center (SOC/NOSC)
- Computer Emergency Response Team (CERT/CIRT)
- DOD/FED Cyber Intel organization
- DCIO/MCIO, with Cyber Counterintelligence focus
- Additional technical CND response certification (CEH, GCIH, GCIA and GNFA)
- DoDI 8570.01-M IAT Level I Compliance Certification (Network+ CE, A+, CE, CCNA+, Security+, SSCP)
Education & Experience
- Bachelor’s degree and eight (8) years of related experience OR six (6) years of related experience with a Master’s degree.
This position requires a U.S. Person who is eligible to obtain any required Export Authorization.
Raytheon Technologies is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.