Deputy Cyber Incident Response Team (Cirt) Manager

Job Title: Deputy Cyber Incident Response Team (CIRT) Manager

Location: Pensacola, FL - Hybrid

Duration: Contract

Clearance: Active TS with SCI Eligibility required.

Job Description:

The Deputy Cyber Incident Response Team (CIRT) Manager ensures exceptional service for managed services customers and helps drive employee engagement for CIRT staff members. They will help coordinate the daily activities of CIRT staff; orient, train, and mentor staff; monitor incident management queues; address client escalation issues; and interface with clients as needed. The CIRT Deputy Manager is expected to be process oriented and accountable for the overall success of the CIRT's Cyber Defense Mission.
Responsibilities include:
Support managing CIRT team consisting of up to 30 cyber defense analysts providing cyber detection, Incident Response, and recovery coordination services to the customer.
Lead activities and technical direction of CIRT staff to diagnose and resolve client enterprise cyber alerts
Field escalated customer issues and resolve or refer to specialized experts as needed
Monitor and report the status of tickets and other cyber defense tasks assigned to the CIRT and ensuring items are coordinated, logged, tracked, and resolved appropriately.
Provide input on process improvements and contribute to the technology road map for the strategic plan.
Perform metrics trend analysis and reporting; guide resultant process improvement.
Communicate policies, expectations, and feedback to CIRT staff
Facilitate a high-performance team environment and employee engagement
Guide and coordinate projects requiring scheduling
Contribute to the development, communication and implementation of policies, procedures, best practices, recommendations, and guidelines for standards.
Conduct individual meetings with team members to address performance, training needs, set expectations, and facilitate a 2-way dialogue regarding the team members' experience
Other duties as assigned and required.
Required Skills:
Must be a U.S. Citizen
This position requires an active Top Secret security clearance with SCI eligibility.
Must be able to obtain Client suitability prior to starting employment.
10+ years of directly relevant experience
Computer Emergency Response Team (CERT/CIRT) hands-on experience
Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain procedures)
Hands-on experience in the detection, response, mitigation, and/or reporting of cyber attacks affecting client networks
Computer network surveillance/monitoring
Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures
Familiar with System log analysis, computer evidence seizure, computer forensic analysis, and data recovery
Experience with current cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks
Excellent verbal and written communication skills
Efficient delegation and task prioritization
Ability to interview and select employees in accordance with company guidelines and EEOC commitments
Ability to coordinate and facilitate staff training
Ability to provide feedback, coach employee performance, and effectively implement disciplinary action as needed
Ability to manage and resolve conflicts as they arise
Demonstrated ability to document processes
The ability to respond to crises efficiently and objectively
Proficiency with MS Office Applications
Must be able to work collaboratively across agencies and physical locations
Desired Skills:
Current experience with Splunk
Experience supporting Client, Federal Civil, Intelligence and/or DoD Customers
Computer Forensics experience
Malware reverse engineering experience
Experience with Risk and Opportunity management
Scripting experience (python, Perl etc.)
Experience with process development and deployment
Prior experience with data visualization products such as Analyst Notebook
Prior experience working in one of the following highly desired:
DOD/FED Cyber Client organization
DCIO/MCIO, with Cyber Counterintelligence focus

Education: Bachelor's required