The Cybersecurity Incident Response Manager contributes to the success of our mission by coordinating and directing defensive Cybersecurity operations during critical and high tempo operations, in accordance with established policies and best practices. This position will work closely with the Security Operations Director to execute strategic vision for the team and assist in maturing a proactive threat hunting based active defense program.

As SNC's corporate team, we provide the company and its business areas with strategic direction and business support spanning executive management, finance and accounting, operations, human resources, legal, IT, information security, facilities, marketing, and communications.

_This role is open to a hybrid schedule_

**Responsibilities:**

+ Manage a dispersed group of threat hunters and incident responders to rapidly detect anomalous behavior and defend computer networks and information systems from insider threats, advanced criminals, and nation state attackers

+ Coordinate the flow of information between cross functional teams to ensure incidents are properly tracked, escalated, and reported

+ Review and analyze data from a variety of Cyber defense tools, including network traffic logs, Intrusion Detection or Prevention System alerts, firewall or system logs, and open source information to identify threat activity and recommend appropriate countermeasures and mitigations

+ Report intrusion attempts, compromises malicious actor activities to management

+ Proactively analyze, organize and develop new intelligence on advanced threats

+ Develop, analyze, and disseminate information on threat actors

+ Coordinate computer network incident response from detection through remediation

+ Identify and mitigate general attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks, etc)

+ Identify system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, PL/SQL and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code)

+ Actively train, coach, and develop the team

**Must Haves:**

+ Bachelor's degree in Cybersecurity, Network Engineering, Information Technology or related Engineering field of study and typically 4 - 6 years of as a senior-level Cybersecurity Analyst or Engineer including demonstrable experience with Incident Response, Threat Hunting, and Forensic Analysis

+ Knowledge of technical standards relating to systems security; experience administering UNIX, Linux, and Windows operating systems, experience with large-scale server systems, thin client architecture, system virtualization and other related peripherals

+ Experience with A&A requirements as outlined in the NISPOM, RMF for DOD, ICD 503, JSIG & NIST RMF

+ Ability to manage and triage multiple security events, differentiating urgent issues from the merely important

+ Prior experience with the US Department of Defense or US Intelligence Community

+ Knowledge of incident response processes OR Cyber-attack exploitation techniques OR threat intelligence reporting

+ Proven experience leading and responding to complex incidents

+ Broad knowledge of the tactics and techniques of advanced threat actors and computer criminals

+ Extensive forensic knowledge and experience required

+ Excellent social, verbal, and written communication skills, with demonstrated ability to present analytical data to a variety of technical and non-technical audiences

+ Experience with 3 or more of the following **:** Incident response processes, automated intrusion detection capabilities and analysis techniques, malware analysis and classifications, Cyber-attack types and exploitation techniques, Cyber-attack modeling, threat intelligence reporting and analysis, or incident reporting and sharing requirements, computer forensics

+ The ability to obtain and maintain a Secret U.S. Security Clearance is required

**Preferred:**

+ Prior experience with the US Department of Defense, intelligence community, or law enforcement cyber crimes

+ 5+ years of cybersecurity experience leading a remote/virtual team

+ Excellent interpersonal and communication skills to interact effectively with others

+ Project/program management experience

+ Experience with NIST SP 800-171 control implementation and management

+ Familiarity with CMMC & DFARS compliance

+ Preferred Certifications: CISSP, CISM, CRISC, CASP, CCNA CCNP, GSEC, GCIH, GCFA, GDSA, GSLC, GSOM, PNPT, OSCP, PMP

At Sierra Nevada Corporation (SNC) we deliver customer-focused technology and best-of-breed integrations in the aerospace and defense sectors. SNC has been honored as one of the most innovative U.S. companies in space, a Tier One Superior Supplier for the U.S. Air Force, and as one of America's fastest-growing companies. Learn more about SNC (https://www.sncorp.com/who-we-are/about-snc/)

Estimated Starting Salary: $126,031.74 - $173,293.65

\#LI-Hybrid

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more (https://www.sncorp.com/careers/total-rewards/) .

**IMPORTANT NOTICE:**

This position requires the ability to obtain and maintain a Secret U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use. Learn more about the background check process for Security Clearances (https://www.dcsa.mil/About/)

At Sierra Nevada Corporation (SNC), our mission is to dream, innovate, inspire and empower the next generation to transform humanity through technology and imagination. As an Equal Opportunity Employer, we welcome our employees to bring their whole selves to their work. SNC is committed to fostering an inclusive, accepting, and diverse environment free of discrimination. Employment decisions are made without regarding to race, color, age, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran or other characteristics protected by law. Contributions to SNC come in many shapes and styles, and we believe diversity in our workforce fosters new and greater ways to dream, innovate, and inspire.