Cybersecurity Lead Manager

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are atop veteran employer and Certified Great Place to Work™

ASRC Federal is hiring a Cybersecurity Lead Manager (SIEM & Enterprise Operations Focus) to support the Department of Defense Education Activity (DoDEA) Enterprise Cybersecurity Support Services contract. This position is located onsite in Alexandria, VA.

The Cybersecurity Lead Manager will provide program management, technical leadership, and cybersecurity onsite (Alexandria, Virgina) oversight in support of the Department of Defense Education Activity (DoDEA) Enterprise Cybersecurity Support Services contract.

This individual serves as the primary interface with Government leadership, responsible for ensuring successful execution of all Performance Work Statement (PWS) objectives, including:

• Cybersecurity Engineering and Operations
• Vulnerability Management
• Application Security and Incident Response
• Technical Documentation and Reporting

The Cybersecurity Lead Manager will ensure delivery of secure, compliant, and mission-aligned cybersecurity services across DoDEA’s global enterprise environment.

• Serve as the primary point of contact (POC) for the Government COR and stakeholders.
• Develop, maintain, and execute the Program Management Plan (PMP), including:
• Staffing and resource planning
• Communications management
• Lead weekly status reporting, monthly reporting, and program review briefings.
• Ensure all deliverables meet PWS requirements, timelines, and Acceptable Quality Levels (AQLs).
• Manage contractor personnel, including performance oversight and task prioritization.

• Oversee execution of RMF Assessment & Authorization (A&A) activities.
• Ensure completion and quality of:
• System Security Plans (SSPs)
• Security Assessment Plans (SAPs)
• Security Assessment Reports (SARs)
• Plans of Action & Milestones (POA&Ms)
• Provide guidance on continuous monitoring strategies and near real-time risk management.
• Ensure proper use of eMASS for documentation and tracking.

• Provide leadership for enterprise cybersecurity architecture and operations.
• Oversee implementation and sustainment of:
• IDS/IPS, HBSS, firewalls, VPNs, and endpoint security
• Cloud security architecture (AWS, Azure, etc.)
• Lead advanced analysis of logs, network traffic, and system artifacts during incidents.

• Oversee Security Information and Event Management (SIEM) capabilities, including:
• Development of detection use cases, alerts, and correlation rules
• Integration of threat intelligence and indicators of compromise (IOCs)
• Optimization of monitoring policies across SIEM, EDR, IDS, and cloud systems
• Ensure effective log aggregation, normalization, and monitoring across enterprise systems.
• Drive improvements to real-time monitoring and alerting capabilities supporting CSOC operations.

• Oversee enterprise vulnerability assessment and remediation programs.
• Ensure compliance with:
• IAVM / IAVA requirements
• DISA STIGs and SCAP tools
• Provide leadership on threat tracking, risk prioritization, and remediation strategies.
• Support development of dashboards and reporting for DoDEA leadership.

• Lead Tier 3 incident response support and forensic investigations.
• Oversee:
• Security testing (penetration testing, SRR, code scanning)
• Dev Sec Ops  security integration
• Ensure rapid detection, analysis, and containment of cybersecurity incidents.

• Oversee development of:
• Policies, SOPs, IT directives, and technical documentation
• Service catalogs and SLAs
• Ensure all documentation is accurate, compliant, and aligned with DoDEA standards.

• Provide leadership and direction to:
• ISSOs
• Cybersecurity engineers
• Technical writers
• Ensure personnel meet DoD 8140 /…