Security Operations & Engineering Manager

TMC is in search of a Security Operations & Engineering Manager specializing in boundary security for mixed assets within on-prem data centers. This position is considered to be a hybrid remote position requiring a minimum of 3 days ons site per week. The candidate must be a US citizen and possess a minimum of an active Secret clearance to start due to federal contract requirements.

The Security Operations & Engineering Manager will have the following responsibilities:

• Implementation of Information Technology Infrastructure Library (ITIL) Framework (IT service lifecycle: service strategy, service design, service transition, service operation and continual service improvement.)

• Recommend and/or support customer strategic planning to modernize the IT infrastructure to enable more mature SOC capabilities.

• Plan and manage tech refresh and modernization projects.

• Oversee support operations, service requests, maintain activities, and administer networks including hardware, systems software, applications software, patching, updates, maintenance activities, and all configurations.

• Collaborate across multiple disciplines and levels of the organization.

• Lead the coordinating of issue remediation and activities to ensure Service Level Agreement (SLA) for service quality and service availability are met.

• Provide metrics and reports customer to SLAs are met.

• Experience planning and coordinating program activities to include installation and upgrading of hardware and software (utilization of cloud services), programming and systems design, development, or modification of IT networks,

• Manage Staff and their performance to include training, professional development, performance management and evaluation.

• Advise and participate in recruiting and onboarding activities for new staff.

• Support the ISSO in ensuring operations and security of the environment is compliant with the System Security Plan, agency, and federal mandates to maintain ATO.

Additionally, the Security Operations & Engineering Manager will have:

Knowledge of security system design tools, methods, and techniques

Knowledge of key concepts in security management (e.g., Release Management, Patch Management)

Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.

Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Knowledge of specific operational impacts of cybersecurity lapses.

Knowledge of system life cycle management principles, including software security and usability.

Knowledge of capabilities and requirements analysis.

Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)

Knowledge of basic system, network, and OS hardening techniques.

Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.

Skill in identifying systemic security issues based on the analysis of vulnerability and configuration data.

Skill in troubleshooting and diagnosing cyber defense infrastructure and application anomalies and work through resolution.

Skill in applying and incorporating information technologies into proposed solutions.

Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).

Skill in developing and applying security system access controls.

Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.

Skill in independently making configuration updates to ensure system availability requirements.

Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.)

Ability to write and verbally communicate effectively to both technical and non-technical audiences.

Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, and high-stress situations.

Ability to share meaningful insights about the context of an organization's threat environment that improve its risk management posture.

Ability and drive to quickly learn new software and IT concepts.

Understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.

Knowledge and experience in supporting: Linux/UNIX, Python/PowerShell/Javascript, vulnerability scanning & patching, firewalls, and networking.

Knowledge and experience in administering: Windows, Archer, ThreatConnect, FireEye, Tenable/Nessus, WebInspect, SCCM, VMWare, FreeNAS/Pure/NetApp storage, and PKI certificate management

Experience with MS Office products (Word, Excel, and PowerPoint) working with large data sets.

Good oral and written communication skills

Job Requirements

US Citizenship required.

Must be able to maintain security clearance, specifically DoD/Top Secret Clearance or (Interim Top Secret or Secret acceptable).

Bachelor's degree in computer science, Engineering, Information Technology, Cybersecurity, or a related field with 5+ years of prior relevant experience or a Masters with 3+ years of prior relevant experience. Experience in lieu of degree may be acceptable.

(ISC)² Certified Information Systems Security Professional (CISSP) Certification or equivalent certification

Generally has 2+ years of experience supervising or leading teams or projects

Preferred Experience, Skills, and Education:

• Demonstrated experience in cyber security design, engineering and operations.

• Experience with System Administration, Network Administration Network Security, Networking Standards, Network Protocols, NIST/FISMA standards and controls, SIEM platforms and security tools, Network Hardware Configurations

• Knowledge of NIST SP 800 53 series or ISO 27000 series documents

• Windows 10 security best practices and configurations

• Understanding of advanced threat detection in an enterprise environment

• Understanding of malware families, their types, and the threat they pose

• Proficiency with Microsoft Windows administrative & troubleshooting tools.

• Demonstrated experience performing cybersecurity analysis from an operations & engineering perspective.

• Experience with Splunk (preferred) or other SIEM platform

We are equal opportunity/affirmative action employers, committed to diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, disability, or protected veteran status, or any other protected characteristic under state or local law.