Security Operations Manager (SOC) Manager

Clearance Level: Top Secret
Category: Information Security
Locations: Washington, District of Columbia; Greenbelt, Maryland

REQ#: RQ101363

Travel Required: 10-25%
Public Trust: None
Requisition Type: Pipeline

SOC Manager

We are GDIT. We support and secure some of the most complex government, defense, and intelligence projects across the country. At GDIT, cyber security is not just a singular part of our mission—it connects every one of us because it’s embedded into every aspect of what we do.

GDIT is your place. You make it your own by bringing your ideas and unique perspective to our culture. By owning your opportunity at GDIT, you are helping us ensure today is safe and tomorrow is smarter. Our work depends on a Security Operations Center Manager joining our team to support NASA activities in Washington D.C.

At GDIT, people are our differentiator. As a SOC Manager supporting NASA, you will support NASA’s Security Operations Center. Its purview includes all NASA networks and systems across the mission, corporate, and operational technology (OT) domains. The NASA SOC provides real-time, continuous cybersecurity monitoring and triage, uninterrupted event detection, incident analysis, coordination and response, situational awareness, and cybersecurity countermeasure implementation capabilities for maintaining a secure cybersecurity and information assurance posture. The NASA SOC has the authority to implement mitigation actions, in coordination with other enterprise IT services and local system administrators, in order to reduce the Agency’s exposure to cybersecurity threats and incidents.

The NASA SOC provides continuous operations, from multiple distributed operation sites, twenty-four hours a day, seven days a week, three hundred sixty-five days a year (24/7/365). Each distributed operations site is designed with operational capabilities to maintain security operations services when another operations site is degraded or disabled for varying reasons or lengths of time. The SOC includes a geographically dispersed team of technicians located across NASA locations.

The SOC provides the following services to all NASA organizations, frequently in collaboration and coordination with Center and organizational service providers and partners:

  • Continuous Monitoring and Detection (M&D) and Triage
  • Incident Response and Management
  • Cyber Forensics and Incident Analysis
  • Cyber Threat Detection and Hunt
  • Cyber Threat Analysis.

RESPONSIBILITIES:

  • Support the 24/7/365 operations of the NASA SOC and overall service delivery of SOC services to NASA
  • Maintain 24/7/365 staffing on premises at the two NASA SOC Distributed Operating Sites (in accordance with the locations identified in Section 1.2, Principal CyPrESS Stakeholders and Places of Performance) to support the strategic areas of NASA SOC Watch and Agency Incident Response Management
  • Maintain on-premises coverage at the two NASA SOC Distributed Operating Sites during the designated core hours, provide after-hours on-call support, and respond on premises within 2 hours of notification to support the Cyber Threat Hunt strategic area
  • Balance 24/7/365 workload, staffing, and coverage between the two designated NASA SOC Distributed Operations Sites to ensure business continuity of the NASA SOC.
  • Provide 100% coverage for the NASA SOC Watch and AIRM for an initial 24 hours of unscheduled outage.
  • Ensure all staff supporting the NASA SOC obtain and maintain the requisite clearance level in accordance with NASA policy and procedures for system, data, or facilities to perform assigned duties when performance starts
  • Ensure all staff supporting the Cyber Threat Hunt strategic area obtain and maintain an active TS/SCI clearance in accordance with NASA policy and procedures for system, data, or facilities to perform assigned duties when performance starts.
  • Ensure a minimum coverage per shift at each NASA SOC Distributed Operating Site with an active TS/SCI clearance
  • Ensure a minimum coverage per shift at each NASA SOC Distributed Operating Site has access to the NASA Intelligence Network (NIN) systems, Top Secret physical space(s), and voice/data workstations/devices, maintains active user and email accounts, and has access to physical safes in those designated space(s). Minimum coverage per shift per location must possess a TS/SCI clearance with access.
  • Provide real-time response to requests for emergency web site blocking/unblocking upon receipt of notification from authorized IT Security Office personnel in accordance with relevant service level agreements
  • Support the development and dissemination of enterprise communications products and strategic reporting from the SOC in accordance with NASA’s policies, procedures and processes
  • Develop, update and maintain the Standard Operating Procedures (SOP) for each strategic area and function of the SOC
  • Support the identification of requirements for infrastructure and tools used by the SOC.
  • Assist in system and service restoration of SOC infrastructure and tools
  • In support of service restoration after an interruption, ensure that data is updating, full functionality is restored on SOC analyst workstations, and information is reachable from the system or service that was interrupted
  • Provide customers a self-help capability, such as the SOC intranet site, and continually enhance self-service capabilities to reduce SOC service requests in accordance with NASA’s policies, procedures and processes
  • Document and track call metrics, service request/resolutions, and analyze trends to implement measures that prevent recurring problems and improve customer experience. Trend analysis and reporting shall be customized based on the request of the Government (may request details on the type of technical issue, location, tier, etc.).
  • Provide a weekly status report on all call and service metrics
  • Provide internal SOC training and knowledge transfer as required
  • Participate in exercises, as requested by the Government, to test and strengthen NASA’s cybersecurity posture, processes and tools

WHAT YOU’LL NEED:

  • Bachelor’s degree in related field with 7+ years of relevant experience, or equivalent combination of education and experience
  • Active Top-Secret Clearance and ability to maintain the clearance
  • One or more DoD 8570.01-M Cyber Certifications
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Demonstrated ability to manage teams/activities in a large, geographically diverse, complex federal enterprise organization
  • Knowledge of emergent IT technologies and industry trends and the impact on cybersecurity requirements and solutions

WHAT GDIT CAN OFFER YOU:

  • Full-flex work week
  • 401K with company match
  • Internal mobility team dedicated to helping you own your career
  • Collaborative teams of highly motivated critical thinkers and innovators
  • Ability to make a real impact on the world around you

Not sure this job’s the one for you? Check out our other openings at gdit.com/careers.

This position requires being fully vaccinated against COVID-19 by December 8, 2021 or the start date, if after December 8.

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.