Deputy Cyber Incident Response Team (CIRT) Manager, Argo Cyber Systems, Arlington, VA
Argo Cyber Systems -
N/A
Arlington, VA,
US
N/A
Deputy Cyber Incident Response Team (CIRT) Manager
Date Posted: 2024-05-04
Job description
Deputy Cyber Incident Response Team (CIRT) Manager
The Deputy Cyber Incident Response Team (CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for CIRT staff members. They will help coordinate the daily activities of CIRT staff; orient, train, and mentor staff; monitor incident management queues; address client escalation issues; and interface with clients as needed. The CIRT Deputy Manager is expected to be process-oriented and accountable for the overall success of the CIRT's Cyber Defense Mission.
This position requires a minimum of a USG Top Secret Security Clearance
Responsibilities Include:
Support managing CIRT team consisting of up to 30 cyber defense analysts providing cyber detection, incident response, and recovery coordination services to the customer. Provide leadership and guidance to the incident response team members, fostering a collaborative and cohesive working environment. Aid in prioritizing tasks and assigning responsibilities during incident response efforts.
Serve as a subject matter expert in identifying cyber threat events and incident response. Provide input on process improvements and contribute to the technology roadmap for the strategic plan.
Manage and coordinate the organization's incident response activities, including detection, analysis, containment, eradication, and recovery efforts for security incidents.
Develop and maintain incident response plans, playbooks, and procedures tailored to the organization's needs. Ensure that response plans are regularly reviewed, updated, and tested.
Ensure thorough documentation of security incidents, including incident timelines, actions taken, and lessons learned. Prepare incident reports and post-incident reviews to identify areas for improvement and implement corrective measures.
Field escalated customer issues and resolve or refer to specialized experts as needed
Identify both tactical and strategic solutions to contain incidents.
Develop and refine processes, procedures, and techniques used by the team to continually improve the incident response efforts.
Perform metrics trend analysis and reporting; guide resultant process improvement.
Communicate policies, expectations, and feedback to CIRT staff
Facilitate a high-performance team environment and employee engagement
Guide and coordinate projects requiring scheduling.
Contribute to developing, communicating, and implementing policies, procedures, best practices, recommendations, and guidelines for standards.
Train, mentor, and develop a talented group of security operations and incident response professionals. Conduct individual meetings with team members to address performance, and training needs, set expectations, and facilitate a 2-way dialogue regarding the team members' experience.
Other duties as assigned and required.
Required Skills:
Must be a U.S. Citizen
This position requires an active/current Top-Secret security clearance with SCI eligibility.
Must be able to obtain DHS suitability before starting employment.
10+ years of directly relevant experience
Computer Emergency Response Team (CERT/CIRT) hands-on experience
Current experience with network intrusion detection and response operations (Protect, Defend, Respond, and Sustain procedures)
Hands-on experience in the detection, response, mitigation, and/or reporting of cyber-attacks affecting client networks
Computer network surveillance/monitoring
Current incident response experience using Splunk
Current experience with AWS/Azure security solutions and cloud security investigations