Cybersecurity Operations Lead

Job Details

Job

Location:

Arlington, VA, US

Date Posted:

Category:
Cyber

Subcategory:
Cybersecurity Ops

Schedule:

Full-Time

Shift: Day Job

Travel:
Yes - 10% of the time

Minimum

Clearance Required:

TS.

Clearance Level Must Be Able to Obtain:
None

Potential for Remote Work: _SITE

SAIC is seeking qualified applicants to support cutting‑edge data, analytics, and AI platform. The Cyber Operations Lead is a critical role in the day‑to‑day understanding, workflows, and triage of tasking assignments to 10+ cyber teams who are also working with other task areas that handle customer relationships, service portfolio and catalog management, software engineering & development, data/AI engineering, IT systems operations, and use case intake and analytics for DoW enterprise‑scale mission objectives expected in Spring/Summer 2026.

Positions are contingent pending contract award.

The work will be performed in Alexandria, Northern Virginia. Some work may be performed remotely, subject to Government approval.

• Maintain enterprise‑wide operational awareness of cyber tasking across 10+ teams by actively monitoring and managing Service Now queues, ensuring ticket accuracy, status integrity, and SLA adherence.
• Serve as the central triage and prioritization authority for incoming cyber work, aligning assignments with mission priorities, team capacity, and operational urgency.
• Provide direct operational reporting to the CISO and government customer, delivering timely status updates, risk identification, and actionable insights on cyber tasking and performance.
• Lead daily operational synchronization efforts, including tracking deliverables, identifying bottlenecks, and escalating issues impacting mission execution.
• Act as a primary coordination point between cyber teams, program leadership, and a 450+ staff environment, ensuring consistent communication and alignment across stakeholders.
• Influence and optimize Service Now workflows and ticketing practices to align with evolving cyber operational processes and executive priorities.
• Oversee knowledge management practices, including development and maintenance of SOPs, process documentation, and operational playbooks.
• Track and analyze operational metrics (ticket throughput, aging, SLA compliance), providing data‑driven recommendations to improve efficiency and service delivery.

• Bachelor's & 14+ years of related experience, Master's & 12+ years of experience, or PhD or JD & 9+ years of experience.
• Active TS/SCI CI Poly Clearance is required.

• Advanced proficiency as a Service Now power user, including queue management, reporting, dashboarding, and workflow utilization (limited administrative access preferred).
• Strong understanding of cyber operations functions such as incident response, vulnerability management, and enterprise security operations.
• Demonstrated ability to operate at an SME/lead level with direct exposure to executive leadership (e.g., CISO), including clear and concise reporting of operational status and risks.
• Proven ability to maintain situational awareness and coordinate across multiple teams in a high‑tempo, mission‑driven environment.
• Familiarity with DoD cybersecurity environments, including exposure to RMF, impact levels (IL2–IL6), and data protection practices.
• Relevant DoD 8140 (or 8570 equivalent) certification required; ITIL Foundation or higher preferred.