Cyberspace Operations Team Lead

Cyberspace Operations Team Lead

Core4ce

We are seeking a Cyberspace Operations Team Lead to support the United States Transportation Command (USTRANSCOM) under the TRANSCOM Cyberspace Operations Forces and Support (COF II) program. In this role, you will lead a team responsible for cybersecurity operations supporting mission‑critical Department of Defense networks, systems, and cloud environments.

This position is ideal for a cyber operations leader with strong experience in incident response, threat analysis, detection engineering, and defensive cyber operations within a DoD or federal environment. You will serve as a key interface with government stakeholders, mission partners, and internal technical teams to help protect and defend USTRANSCOM's enterprise.

• Lead day‑to‑day cybersecurity operations in support of USTRANSCOM's Cybersecurity Service Provider (CSSP) mission
• Supervise and guide personnel performing:
  • Intrusion detection and monitoring
  • Incident response and incident management
  • Cyber threat analysis
  • Cyber forensics
  • Analytic and orchestration development
  • Detection engineering
• Serve as the primary contractor lead for cyber operations‑related activities and deliverables
• Coordinate with government stakeholders, CSSP subscribers, and mission partners including CPTs, USCYBERCOM, DISA, and other cyber defense organizations
• Support defensive cyber operations initiatives across on‑premises and cloud environments
• Help develop and improve operational processes, procedures, SOPs, metrics, dashboards, and reporting
• Provide technical and strategic input on cyber operations capabilities, services, and mission priorities
• Support cyber incident investigations, reporting, response actions, and after‑action activities
• Contribute to continuous improvement of cyber operations, analytics, and detection capabilities
• Provide weekly summaries and operational status updates to leadership
• Support after‑hours and weekend response requirements for incidents and exercises as needed

* This position is designed to be flexible, with responsibilities evolving to meet business needs and enable individual growth.

• Active Top Secret clearance is required
• U.S. citizenship is required
• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, Information Systems, or a related field; equivalent experience may be considered
• 7+ years of information assurance or cybersecurity experience
• 5+ years of experience in cyber analytic development, incident response, threat analysis, and cybersecurity engineering and/or architecture
• Experience leading cybersecurity operations teams in a DoD, federal, or similarly complex mission environment
• Strong knowledge of NIST and DoD cyber policies, standards, and guidance
• Experience with defensive cyber operations, cyber incident response, and threat analysis
• Understanding of cybersecurity metrics, auditing, and operational reporting
• Familiarity with zero trust concepts such as least privilege, access control, micro‑segmentation, orchestration, and privileged access management
• Experience securing virtualized and cloud‑based environments
• Strong communication skills and the ability to work effectively with technical and non‑technical stakeholders
• Must be eligible for and able to maintain SCI access
• Must meet all contract and customer requirements for access to government systems and facilities
• Must meet applicable DoD Cyber Workforce Framework (DCWF) qualification requirements

• Experience supporting a DoD Cybersecurity Service Provider (CSSP), Combatant Command, or similar mission
• Familiarity with SIEM, SOAR, EDR, EPP, NIDS, and other enterprise cyber defense technologies
• Knowledge of network architecture, firewalls, proxy services, WAFs, ports, protocols, and network segmentation
• Experience with Microsoft Windows, Red Hat Linux, and Unix security configurations
• Familiarity with virtualization and cloud security technologies
• Experience creating technical documentation, SOPs, or operational procedures

• Splunk, Microsoft Sentinel, Elasticsearch, Tines, Palo Alto XSOAR, Crowd…