Manager, Security Operations Center (Cyber)

Full Job Description

The Office of the Chief Administrative Officer (CAO) provides operations support services and business solutions to the community of 10,000 House Members, Officers and staff.

Qualifications: Minimum: · Associates degree (or above) in related field plus 10 years of work experience; OR equivalent work experience.

· 3-5 years of experience with working within a security operations center for a mid-to-large organization.

· Ability to effectively manage and lead a team of analysts including directly supervising and coaching approximately 10 analysts across different functional areas and providing guidance and oversight for our 24x7 SOC under a contractor lead/project manager.

· Experience and familiarity with common security tools such as Endpoint Detection and Response, Network Intrusion Detection, Security Information and Event Management, and Vulnerability Management tools.

· Knowledge of network architecture and the ability to identify, design, and coordinate the implementation of additional data sources required to identify intrusions.

· Knowledge of vulnerability management, network operating systems, threat actor techniques, and using that information to appropriately gauge and reduce technical and organizational risk.

· Ability to maintain effective working relationships with colleagues, users, contractors, and vendors.

· Ability to resolve problems by breaking down issues, finding possible solutions, and working with the appropriate stakeholders to find solutions to complex problems.

· Demonstrates a continuous improvement mindset and has the ability to critically review existing operational processes and coordinate with stakeholders to improve them while gaining concurrence on the new design.

· Ability to lead the development of measurable processes and provide visibility into the effectiveness, speed, and impact of the process.

· Ability to lead effective projects, communicate clearly throughout their execution, and complete them in a timely manner.

This includes determining the appropriate scope, deconstructing tasks, and successfully performing and measuring success of sprints.

· Ability to comprehend and integrate complex computer technology and software into an effective information systems security program.

· Ability to communicate effectively, both orally and in writing, with elected officials, senior staff, information systems professionals, and technical and non-technical users.

Preferred: · CISSP, CEH and other comparable certificates are preferred Security Requirement: · This position requires that the applicant obtain and maintain an applicable U.S.

Government security clearance, which requires U.S. citizenship. We will not submit your application for a clearance unless you are a U.S. citizen.

**Continued employment is contingent upon satisfactorily completing a criminal history records check (or other applicable security clearance) and a pre-employment drug-test (pre-identified position only).

Major Duties:

Job Summary: The Office of the Chief Administrative Officer (CAO) provides operations support services and business solutions to the community of 10,000 House Members, Officers and staff.

The CAO organization comprises more than 800 technical and administrative staff working in a variety of areas, including information technology, finance, budget management, human resources, payroll, child care, food and vending, procurement, logistics and administrative counsel.

This position is located in the Office of Cybersecurity (Cybersecurity), House Information Resources (HIR) office, Office of the Chief Administrative Officer (CAO), U.S.

House of Representatives (House). Cybersecurity maintains robust programs aimed at limiting malicious activities from compromising the House’s network.

Cybersecurity's primary purpose is to protect the House’s data by ensuring its confidentiality, integrity, and availability and to detect and respond to threats that would otherwise result in the loss of data or service disruptions.

This position serves as the Manager, Security Operations Center.

Key responsibilities include overseeing and coordinating the activities of Security Operations Center personnel; implementing incident response protocols; leading internal investigations of security violations; responding to all information security relevant events; ensuring that Service Level Agreements and Standard Operating Procedures are defined, tracked, and met; leading the day-to-day monitoring of House assets, hosts, networks, and data for attempted efforts to compromise security protocols; ensuring prevention of events that negatively impact confidentiality, Just availability, integrity, and the legislative process; providing leadership in the development and effective application of information security tools, policies, and procedures in direct support of the Security Operations Center; and acting as the liaison and conducting investigations with internal (House Officers, Member, Committee, and Leader) offices and/or external (e.g., Legislative Branch, FBI, Secret Service) agencies, as appropriate.

Grade level at time of appointment is determined by experience and designated level of responsibility. The position has day-to-day supervisory/managerial responsibilities.

Primary Duties/Responsibilities: · Maintains overall responsibility for the day-to-day running of the House’s Security Operations Center (SOC).

Central to this responsibility is translating leadership’s cybersecurity strategies into actionable tactical activities within the SOC, including working closely with Cybersecurity and HIR Leadership.

o Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence through the development and supports of strategic plans and projects to meet Security and SOC goals and objectives.

o Works with teams in the development of a comprehensive set of operational security policies and standards designed to permit the organization to achieve its business objectives while effectively managing our security and compliance requirements.

o Maintains responsibility for administering an internal training program to better disseminate knowledge among SOC analysts and to further refine and standardize capabilities.

· Leads security incident response efforts by maintaining an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.

Responds to all information security relevant events (hacker intrusions, virus infections, denial of service attacks, etc.).

o Maintains responsibility for developing and administering an incident response program with multiple layers of incident detection.

o Serve as a trusted advisor during incident response and coordinates between the technical team and executive management/stakeholders and ensures that both internal and external parties ensure timely and correct information o Coordinates with other business units to identify and coordinate access to data that assists in incident detection and response as appropriate.

· Responsible for ensuring that all internal projects are tracked, coordinated, and reported in collaboration with the appropriate SOC project teams and the project management office.

o Ensure that all detailed multi-week independently executed project plans demonstrate both appropriate progress and timely updates and assist with appropriate prioritization and intervention as needed.

o Maintain responsibility to produce robust operational and executive level metrics to provide system status, event handling statistics, operational effectiveness and efficiency, performance metrics, and to develop procedural recommendations.

This includes coaching staff to identify measurable components of their processes and procedures. · Performs other official duties and special projects assigned.