Cyber Defense Operations Lead

Trillion Technology Solutions is hiring for a Cyber Defense Operations Lead to join our team!

The Cyber Defense Operations Lead will manage a team that provides CDO support function services for DCSA. CDO support services include continuous monitoring, data to include but not limited to network and host vulnerability scanning IDS, firewall, network sensor tuning, net flow/packet capture (PCAP). Collect and keep audit data in order to conduct a technical analysis relating to misuse, penetration, or other incidents involving DCSA IT.

Clearance: TS/SCI

Requirements:

• Must be a US Citizen and maintain a TS/SCI clearance
• Must have DoD8140/DoD 8570.01 – M IAT Level III; CSSP-Manager is preferred
• Must have strong written and verbal skills
• Bachelor's Degree in IT-related field or 8+ years of relevant experience
• Demonstrate familiarity with executive orders, federal laws, DoD policies, NIST, DoD 8570.07-M/8140, DoD 8500, etc.
• Forescout Administrator certification

Preferred Skills:

• 10 years Cyber Defense Operations experience
• Additional certification preferred: EnCase Certified Examiner

Job Duties:

• Collect and keep audit data in order to conduct a technical analysis relating to misuse, penetration, or other incidents involving
• DCSA IT.
• Assist in providing this data to appropriate law enforcement (LE) or other investigating agencies.
• Ensure traffic analysis, vulnerability analysis, cyber threat hunting, wireless scanning, end security analysis, vulnerability analysis,
• network access control, network and computer forensics investigations, insider threat support, web traffic analysis, and various
• cybersecurity application/tools installed on (servers, workstations, to include maintenance and upkeep of the server.
• Conduct intrusion assessments (red/blue/hunt team activities) to validate compliance and identify exposures with existing
• defensive cyber operations software, tools, and systems.
• Identify exploitable vulnerable points and provide remediation recommendations.
• Receive and perform preliminary analysis on warning intelligence from approved intelligence community sources' cyber
• intelligence reports.
• Identify potential impact to operations or through the review of cyber continuous monitoring data. Correlate warning
• intelligence and attack sensing and warning (AS&W) data to search for advanced, persistent, and coordinated threats across
• DCSA enclaves.
• Develop tailored countermeasures to address identified threats and prevent or mitigate potential cyber event impacts to
•  
• Provide administrative level Network Access Control (NAC) monitoring and support. Support includes creating policies that
• ensure that the Department of Defense Chief Information Officer (DOD-CIO) Comply to Connect (C2C) mandate is adhered to.

Trillion is an equal opportunity employer. Applicants are considered for positions without regard to race, religion, gender, native origin, age, disability, or any other category protected by applicable federal, state, or local laws.