Job description
Job Title: Deputy Cyber Incident Response Team (CIRT) Manager
Location: Pensacola, FL - Hybrid
Duration: Contract
Clearance: Active TS with SCI Eligibility required.
Job Description:
The Deputy Cyber Incident Response Team (CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for CIRT staff members. They will help coordinate the daily activities of CIRT staff; orient, train, and mentor staff; monitor incident management queues; address client escalation issues; and interface with clients as needed. The CIRT Deputy Manager is expected to be process oriented and accountable for the overall success of the CIRT’s Cyber Defense Mission.
Responsibilities include:
• Support managing CIRT team consisting of up to 30 cyber defense analysts providing cyber detection, incident response, and recovery coordination services to the customer.
• Lead activities and technical direction of CIRT staff to diagnose and resolve client enterprise cyber alerts
• Field escalated customer issues and resolve or refer to specialized experts as needed
• Monitor and report the status of tickets and other cyber defense tasks assigned to the CIRT and ensuring items are coordinated, logged, tracked, and resolved appropriately.
• Provide input on process improvements and contribute to the technology road map for the strategic plan.
• Perform metrics trend analysis and reporting; guide resultant process improvement.
• Communicate policies, expectations, and feedback to CIRT staff
• Facilitate a high-performance team environment and employee engagement
• Guide and coordinate projects requiring scheduling
• Contribute to the development, communication and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
• Conduct individual meetings with team members to address performance, training needs, set expectations, and facilitate a 2-way dialogue regarding the team members’ experience
• Other duties as assigned and required.
Required Skills:
• Must be a U.S. Citizen
• This position requires an active Top Secret security clearance with SCI eligibility.
• Must be able to obtain Client suitability prior to starting employment.
• 10+ years of directly relevant experience
• Computer Emergency Response Team (CERT/CIRT) hands-on experience
• Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain procedures)
• Hands-on experience in the detection, response, mitigation, and/or reporting of cyber attacks affecting client networks
• Computer network surveillance/monitoring
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
• Familiar with System log analysis, computer evidence seizure, computer forensic analysis, and data recovery
• Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
• Excellent verbal and written communication skills
• Efficient delegation and task prioritization
• Ability to interview and select employees in accordance with company guidelines and EEOC commitments
• Ability to coordinate and facilitate staff training
• Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed
• Ability to manage and resolve conflicts as they arise
• Demonstrated ability to document processes
• The ability to respond to crises efficiently and objectively
• Proficiency with MS Office Applications
• Must be able to work collaboratively across agencies and physical locations
Desired Skills:
• Current experience with Splunk
• Experience supporting Client, Federal Civil, Intelligence and/or DoD Customers
• Computer Forensics experience
• Malware reverse engineering experience
• Experience with Risk and Opportunity management
• Scripting experience (python, Perl etc.)
• Experience with process development and deployment
• Prior experience with data visualization products such as Analyst Notebook
• Prior experience working in one of the following highly desired:
• DOD/FED Cyber Client organization
• DCIO/MCIO, with Cyber Counterintelligence focus
Education: Bachelor’s required
