Operations Leader - Cloud​/IaaS

Description

The GSM-O II TN22 team has an opportunity for a current team member to move into a leadership position supporting cyber operations.

The Operations Leader provides daily leadership, direction, and guidance to a team responsible for delivering 24x7 cybersecurity monitoring services for Department of Defense networks. This role encompasses cyber threat intelligence analysis, correlation of actionable security events, network traffic analysis using raw packet data, and coordination of resources during incident response activities. The Operations Leader will also foster the professional development of team members and ensure consistent, transparent communication with operational leadership within a five-day 8-hour shift structure.

• Lead a team of approximately 6-8 cybersecurity analysts, providing guidance and oversight in the following areas:
  • Monitor, analyze, and correlate real-time DoD and open-source intelligence feeds to identify Indicators of Compromise (IOCs), actively integrating threat intelligence into security sensors and SIEMs to proactively counter emerging threats.
  • Triage and investigate security alerts across customer networks generated from endpoints, IDS/IPS, Net Flow, VPC Flows, raw packet data, and cloud-native or custom monitoring sensors to rapidly isolate malicious actors.
  • Correlate security events and analyze extensive log files across diverse datasets within multi-cloud environments (AWS, GCP, Oracle) to identify, prioritize, and investigate potential compromises.
  • Coordinate and collaborate closely with incident response teams to rapidly contain and eradicate threats across hybrid and cloud-hosted environments.
• Technical Reporting & Incident Escalation:
  Author detailed technical investigation reports outlining incident findings and report critical security events to customers and USCYBERCOM to ensure a timely and coordinated national defense response.
• Team Leadership & Development:
  • Lead and support assigned personnel by:
    • Conducting regular employee engagement activities to foster a positive and productive work environment.
    • Collaborating with People Leaders and senior management to support employee training, performance management, and performance reviews.
    • Maintaining consistent and effective communication with the chain of command, customers, civilian personnel, and employees to ensure daily operational tasks are completed effectively.
  • Collaborate with senior leadership to ensure long‑term mission effectiveness and the resolution of any operational roadblocks.
  • Ensure the consistent implementation and adherence to leadership directives and organizational policies in collaboration with People Leaders.

• Minimum active DoD TS clearance
• Current DoD 8570 IAT Level II certification (or higher), such as CompTIA Security+ CE, ISC2 SSCP, or SANS GSEC (or equivalent).
• Ability to obtain DoD 8570 CSSP-A Level Certification (e.g., CEH, CySA+, GCIA, or equivalent) within 180 days of hire.
• Strong foundation in networking, including packet analysis, common ports and protocols, and traffic flow. Knowledge of the OSI model, defense-in-depth security principles, and common security elements for effective threat detection, analysis, and mitigation as a SOC Security Analyst.
• Bachelor's degree and 4+ years of relevant experience; equivalent work experience and/or military service may be considered in lieu of a degree.
• Proven ability to work effectively both independently and as a collaborative team member, demonstrating initiative and a strong work ethic in both settings.
• Committed to continuous learning and self-improvement in the cybersecurity domain, as evidenced by ongoing pursuit of certifications, active participation in industry forums, and dedication to staying ahead of emerging threats and technologies.
• Excellent problem‑solving skills, including the ability to collaborate effectively with cross‑functional teams to address complex security challenges in real‑world scenarios. This includes the ability to communicate technical information clearly and concisely, build consensus, and drive solutions to completion.
• Reliable and flexible, with…