We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.
GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Security Operations Center Manager joining our team to support NASA activities in Washington D.C.
At GDIT, people are our differentiator. As a SOC Manager supporting NASA, you will support NASA’s Security Operations Center. Its purview includes all NASA networks and systems across the mission, corporate, and operational technology (OT) domains. The NASA SOC provides real-time, continuous cybersecurity monitoring and triage, uninterrupted event detection, incident analysis, coordination and response, situational awareness, and cybersecurity countermeasure implementation capabilities for maintaining a secure cybersecurity and information assurance posture. The NASA SOC has the authority to implement mitigation actions, in coordination with other enterprise IT services and local system administrators, in order to reduce the Agency’s exposure to cybersecurity threats and incidents.
The NASA SOC provides continuous operations, from multiple distributed operation sites, twenty-four hours a day, seven days a week, three hundred sixty-five days a year (24/7/365). Each distributed operations site is designed with operational capabilities to maintain security operations services when another operations site is degraded or disabled for varying reasons or lengths of time. The SOC includes a geographically dispersed team of technicians located across NASA locations.
The SOC provides the following services to all NASA organizations, frequently in collaboration and coordination with Center and organizational service providers and partners:
Continuous Monitoring and Detection (M&D) and Triage
Incident Response and Management
Cyber Forensics and Incident Analysis
Cyber Threat Detection and Hunt
Cyber Threat Analysis.
Support the 24/7/365 operations of the NASA SOC and overall service delivery of SOC services to NASA
Maintain 24/7/365 staffing on premises at the two NASA SOC Distributed Operating Sites (in accordance with the locations identified in Section 1.2, Principal CyPrESS Stakeholders and Places of Performance) to support the strategic areas of NASA SOC Watch and Agency Incident Response Management
Maintain on premise coverage at the two NASA SOC Distributed Operating Sites during the designated core hours, after hours support on call, and respond on premise within 2 hours of notification to support the Cyber Threat Hunt strategic area
Balance 24/7/365 workload, staffing, and coverage between the two designated NASA SOC Distributed Operations Sites to ensure business continuity of the NASA SOC.
Provide 100% coverage for the NASA SOC Watch and AIRM for an initial 24 hours of unscheduled outage.
Ensure all staff supporting the NASA SOC obtain and maintain the requisite clearance level in accordance with NASA policy and procedures for system, data, or facilities to perform assigned duties when performance starts
Ensure all staff supporting the Cyber Threat Hunt strategic area obtain and maintain an active TS/SCI clearance in accordance with NASA policy and procedures for system, data, or facilities to perform assigned duties when performance starts.
Ensure a minimum coverage per shift at each NASA SOC Distributed Operating Site with an active TS/SCI clearance
Ensure a minimum coverage per shift at each NASA SOC Distributed Operating Site has access to the NASA Intelligence Network (NIN) systems, Top Secret physical space(s), and voice/data workstations/devices, maintains active user and email accounts, and has access to physical safes in those designated space(s). Minimum coverage per shift per location must possess a TS/SCI clearance with access.
Provide real-time response to requests for emergency web site blocking/unblocking upon receipt of notification from authorized IT Security Office personnel in accordance with relevant service level agreements
Support the development and dissemination of enterprise communications products and strategic reporting from the SOC in accordance with NASA’s policies, procedures and processes
Develop, update and maintain the Standard Operating Procedures (SOP) for each strategic area and function of the SOC
Support the identification of requirements for infrastructure and tools used by the SOC.
Assist in system and service restoration of SOC infrastructure and tools
In support of service restoration after an interruption, ensure that data is updating, full functionality is restored on SOC analyst workstations, and information is reachable from the system or service that was interrupted
Provide customers a self-help capability, such as the SOC intranet site, and continually enhance self-service capabilities to reduce SOC service requests in accordance with NASA’s policies, procedures and processes
Document and track call metrics, service request/resolutions, and analyze trends to implement measures that prevent recurring problems and improve customer experience. Trend analysis and reporting shall be customized based on the request of the Government (may request details on the type of technical issue, location, tier, etc.).
Provide a weekly status report on all call and service metrics
Provide internal SOC training and knowledge transfer as required
Participate in exercises, as requested by the Government, to test and strengthen NASA’s cybersecurity posture, processes and tools
WHAT YOU’LL NEED:
Bachelor’s degree in related field with 7+ years of relevant experience, or equivalent combination of education and experience
Active Top-Secret Clearance and ability to maintain the clearance
One or more DoD 8570.01-M Cyber Certifications
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
Demonstrated ability to manage teams/activities in a geographically diverse, complex, large federal enterprise organization
Knowledge of emergent IT technologies and industry trends and the impact on cybersecurity requirements and solutions
WHAT GDIT CAN OFFER YOU:
Full-flex work week
401K with company match
Internal mobility team dedicated to helping you own your career
Collaborative teams of highly motivated critical thinkers and innovators
Ability to make a real impact on the world around you
Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.
This position requires being fully vaccinated against COVID-19 by December 8, 2021 or the start date, if after December 8.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.