Cybersecurity Manager

Clark Construction Group is looking for a strategic and experienced Cybersecurity Manager to join our growing cybersecurity team. This role is a critical component of our cybersecurity posture, responsible for executing our comprehensive approach to threat detection, incident response, and vulnerability management.

Reporting to the Director of Information Security, the Cybersecurity Manager will be responsible for leading advanced incident response efforts, and ensuring the efficient operation and tuning of our security technology stack. You will be a key leader in protecting our corporate and project-based digital assets.

This is an onsite role in our McLean, VA office.

• Incident Management & Leadership: Serve as a key technical lead and senior escalation point for major security incidents. This role involves leading and coordinating the technical response effort, ensuring proper communication and adherence to established protocols, and providing critical support to the Director during high‑severity events.
• Deep Dive Investigation: Oversee and personally conduct complex, multi‑stage security incident investigations, performing in‑depth analysis of forensic artifacts, security logs, and network telemetry to determine scope, impact, and root cause.
• Reporting & Communication: Ensure comprehensive documentation of all incidents. Prepare and present high‑level, executive‑ready reports on major security incidents, providing clear context, lessons learned, and recommended preventative actions to management and stakeholders.
• Threat Hunting: Manage and drive the threat hunting activity, defining objectives, developing advanced hypotheses, and leading the team in proactively searching for signs of compromise, new attack techniques, and adversarial tactics.
• Vulnerability Remediation Oversight: Spearhead scanning, prioritizing remediation efforts based on risk severity (e.g., CVSS, exploitability), and collaborating directly with IT and system owners to ensure timely patching and risk mitigation.
• Security Tool Optimization: Continuously tune and refine security tools, such as our SIEM (Security Information and Event Management) system, IDS/IPS (Intrusion Detection/Prevention Systems), and EDR (Endpoint Detection and Response) platforms, to reduce false positives and enhance detection capabilities.
• Security Architecture Input: Provide expert technical input and recommendations for enhancing the overall security architecture based on threat intelligence, incident trends, and vulnerability data.
• Mentorship &
  
  Coaching:
  
  Mentor and coach junior and mid‑level security analysts, fostering their technical skills in areas like forensics, log analysis, and threat intelligence.

• 8‑10+ years of progressive experience in a hands‑on cybersecurity role (SOC, Incident Response, or Threat Management)
• Proven ability to lead major security incident responses under pressure and manage communication across technical and non‑technical audiences
• Deep technical proficiency in log analysis, threat hunting methodologies, and digital forensics principles
• Expert‑level knowledge of networking protocols (TCP/IP), operating systems (Windows, Linux), and network/host‑based security technologies
• Demonstrated experience managing and optimizing a SIEM platform (e.g., Splunk, Microsoft Sentinel) and EDR solutions.
• Exceptional written and verbal communication skills, including the ability to present complex technical findings to executive leadership
• Alignment to Clark Standards of Excellence:
  Self‑Motivated, Results Oriented, Adaptable, Team Player, Accountable, Ethical, Innovative, Resilient, Builds Relationships, Builds People / Teams & Followership, Sets Direction & Executes

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field
• Relevant professional certifications such as CISSP, SANS GIAC (GCIH, GCFA, GNFA), or CEH
• Experience with cloud security principles and platforms (AWS, Azure, or GCP) and securing hybrid environments
• Direct experience with automation and orchestration technologies to streamline Sec Ops workflows
• Familiarity with industry security frameworks (e.g., NIST CSF, ISO…