Published: June 6, 2023
Seeking a Cybersecurity Operations Product Manager to support the Small Business Administration (SBA). This position will support the management of the operation of SBA’s Cyber Defense Operations Center (CDOC) and the performance of traditional SOC activities on behalf of SBA (24 hours per day, 7 days a week, 365 days per year) to protect SBA information and information systems. Primary work location is the SBA Headquarters office in Washington, DC.
- Assist Government Branch Chief in developing and driving the global cybersecurity tactical operational initiatives by providing day-to-day management, oversight, and guidance to operations and management of the SBA Cyber Defense Operations Center (CDOC).
- Provide operational management, oversight, training, and quality assurance for a 24/7/365 GSOC consisting of a team with varied strengths responsible for event & alert monitoring, intelligence research and analysis, event, and incident management.
- Responsible for overall development of CDOC workflows, resources, and initiation of improvements where required.
- Serve as an escalation point and as a subject matter resource (SMR) in event & alert monitoring, intelligence research and analysis, event, and incident management.
- Act as Project Manager for major system and application development initiatives and provide timely reporting on the expected and on-going project status.
- Manage security operations projects, including process improvement and technology investment.
- Provide oversight of all Cybersecurity Operations projects and efforts to ensure they are being executed as planned on time/on budget/to requirements and in accordance with division, branch and agency instructions, guidance, and processes.
- Assist in providing financial stewardship for how funds are planned, estimated, budgeted, reported, and controlled; support the procurement of mission-related products and services, and the development of acquisition packages.
- Develop, monitor, and revise reports, dashboards, and key performance indicator (KPI) metrics to track and report on performance.
- Identify gaps in core technical and programmatic capabilities and subsequently conduct strategic planning and implementation activities necessary to address those gaps.
- Develop and validate documentation and procedures and establish continuous process improvement (CPI) to ensure said products remain valid and effective over time, but more importantly create efficiencies and address current and future mission requirements. Additionally, conduct Business Process Engineering for cases where procedures do not exist.
- Ensure Security Operations tools are effectively utilized and operating, identify gaps in process or procedure and implement new solutions accordingly. Additionally, manage and partner with security service providers for security tool and process enhancements to improve the security posture.
- Bachelor’s Degree in Cybersecurity or related fields - equivalent work experience acceptable
- 13+ years of combined experience (8+ years of technical security experience; 5+ years of experience managing and leading a cyber incident response or security operations team) with an enterprise organization performing functions/services to include, but not limited to:
  - Incident Management/Response (monitoring, detection, analysis, containment, investigation, reporting, and resuming steady-state operations), to include crisis incident management
  - Threat intelligence production, collection, analysis, and hunting
  - Digital Forensics and E-Discovery
  - Security Engineering, Operations, and Maintenance
- Current CISSP, CEH, or similar level certification.
- Proven experience managing and/or leading successful local and remote teams in an operational environment.
- Proven experience and the ability to interact authoritatively with a diverse group of senior executives, managers, and subject matter authorities.
- Ability to navigate and work effectively across complex, geographically dispersed teams.
- Strong analytical, problem solving, organization, time management, and interpersonal skills as well as verbal and written communication skills.
- Familiarity with offensive/defensive strategies.
- A deep understanding of cybersecurity laws, regulations, directives, memos, guidelines and industry frameworks and standards (i.e., FISMA, OMB Memorandum, CISA BODs, NIST, MITRE ATT&CK).
- Self-motivated and task-oriented.
- Strong command of the English language.