Operations Lead, TS/SCI CI Poly (Chantilly, VA)

Job Summary

The Cyber Security Operations Lead will oversee and manage the day-to-day cybersecurity operations supporting a U.S. intelligence agency. This role is critical in ensuring the protection of sensitive classified systems, networks, and data from cyber threats. The Lead will supervise a team of cybersecurity professionals, coordinate incident response efforts, and implement advanced security measures to safeguard national security information. This position requires a proactive leader with deep technical expertise, strong analytical skills, and the ability to operate in a high-pressure, mission-critical environment.

Key Responsibilities

• Leadership & Team Management:
  • Supervise and mentor a team of cybersecurity analysts, engineers, and incident responders.
  • Assign tasks, set priorities, and ensure team performance aligns with agency mission objectives.
  • Foster a culture of continuous improvement, training, and knowledge sharing within the team.
• Threat Detection & Incident Response:
  • Oversee monitoring of networks, systems, and applications for potential security incidents or breaches.
  • Lead the investigation, containment, and remediation of cyber incidents in collaboration with internal and external stakeholders.
  • Develop and refine incident response playbooks tailored to the intelligence agency’s unique operational needs.
• Security Operations Oversight:
  • Manage and optimize Security Operations Center (SOC) tools, including SIEM (e.g., Splunk, ArcSight), endpoint detection platforms, and threat intelligence feeds.
  • Ensure continuous monitoring and analysis of classified and unclassified systems for vulnerabilities and anomalies.
  • Coordinate with system administrators to implement patches, updates, and hardening measures.
• Threat Intelligence Integration:
  • Leverage classified and open-source threat intelligence to anticipate and mitigate emerging cyber threats.
  • Collaborate with intelligence analysts to correlate cyber events with broader geopolitical or adversarial activities.
• Policy & Compliance:
  • Ensure adherence to federal cybersecurity standards (e.g., NIST 800-53, FISMA) and agency-specific security policies.
  • Conduct regular audits and risk assessments to identify gaps and recommend corrective actions.
  • Prepare and present detailed reports on security posture, incidents, and mitigation efforts to senior leadership.
• Collaboration & Communication:
  • Act as the primary point of contact between the cybersecurity team and agency leadership, contractors, or external partners.
  • Participate in cross-agency working groups to align cybersecurity efforts with broader intelligence community goals.
  • Brief stakeholders on emerging threats, operational risks, and recommended strategies.

Qualifications

• Education:
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (Master’s preferred).
  • Equivalent experience in lieu of a degree may be considered (e.g., 10+ years in cybersecurity).
• Experience:
  • Minimum of 8 years of experience in cybersecurity, with at least 3 years in a leadership or supervisory role.
  • Proven experience supporting U.S. government or intelligence community operations (e.g., DoD, IC agencies).
  • Hands-on expertise in SOC operations, incident response, and threat hunting.
• Certifications (Preferred):
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • GIAC Security Operations Manager (GSOM)
  • GIAC Certified Incident Handler (GCIH)
  • Other relevant certifications (e.g., CEH, CompTIA Security+)
• Technical Skills:
  • Proficiency with SIEM platforms (e.g., Splunk, Elastic, QRadar) and endpoint security tools (e.g., CrowdStrike, Carbon Black).
  • Strong knowledge of network protocols, firewalls, IDS/IPS, and encryption technologies.
  • Experience with cloud security (e.g., AWS, Azure) and securing hybrid environments.
  • Familiarity with scripting or automation (e.g., Python, PowerShell) to enhance operational efficiency.
• Soft Skills:
  • Exceptional leadership and team-building capabilities.
  • Ability to make rapid, informed decisions under pressure.
  • Excellent written and verbal communication skills, including the ability to brief senior officials.
• Security Clearance:
  • Active Top Secret/SCI clearance with a current polygraph (or eligibility to obtain one).
  • U.S. citizenship required.

Additional Requirements

• Willingness to work non-standard hours, including on-call availability for incident response.
• Ability to travel to secure facilities as needed.
• Strict adherence to confidentiality and handling of classified information in accordance with agency protocols.

Preferred Qualifications

• Prior experience supporting [specific agency, e.g., CIA, NSA, DIA] or similar IC entities.
• Knowledge of advanced persistent threats (APTs) targeting U.S. intelligence assets.
• Familiarity with zero-trust architecture and implementation.