Vienna, VA

Manager, Cyber Threat Intelligence and Focused Operations

Job Specs

Code: 4880216002
Department: Cyber Defense
Date: 20-09-16
Offices: Merrifield, Virginia, United States

Job Description:

XOR Security is currently seeking a Manager, Cyber Threat Intelligence and Focused Operations.

This position is responsible for Navy Federal’s Cyber Threat Intelligence and Focused Operations programs within the Cybersecurity Operations Center (CSOC), which cover cyber threat intelligence, adversary emulation, and threat hunt operations. The Manager will work closely with Cybersecurity leadership to define the strategic vision for the program and continuously develop and mature an intelligence-driven computer network defense program. The Manager will work closely with additional teams of cybersecurity analysts and engineers to protect Navy Federal’s brand, data, and IT assets from cyber-based threats.

Responsibilities

  • Oversee the development of the Cyber Threat Intelligence and Focused Operations programs.
  • Track and perform adversary emulation based on TTPs as defined within the MITRE ATT&CK framework as well as subsequent and detection validation.
  • Proactively search for data exposures or related incidents and indications of compromise, and provide advanced threat analysis for security events.
  • Develop and maintain a catalog of intelligence products for a diverse stakeholder audience as well as intelligence requirements to drive collection, processing, analysis and dissemination of cyber threat information.
  • Support the Incident Response & Monitoring team and other areas of the CSOC in the effective detection, analysis, containment, and eradication of malicious activity.
  • Collaborate with industry partners and internal lines of business to discover and analyze threats.
  • Escalate issues to management in a timely manner with appropriate information regarding risk and impact.
  • Develop and establish operational metrics and reporting based on KPIs/KRIs and OKRs.
  • Manage personnel, to include establishing KSAs, performance management and professional development, and provide leadership, guidance, and technical expertise.
  • Provide external audit evidence/support and assure compliance to required standards, procedures, guidelines and processes.
  • Regularly conduct Lessons Learned / After Action Reviews.
  • Execute ad-hoc tasks or lead small projects as needed.

Qualifications

Required:

  • Previous experience building out an operational capability, preferably within a cyber-related function.
  • A strong understanding of the current threat landscape and adversary tactics, techniques and procedures (TTPs).
  • Experience in adversary emulation, dark/deep web research, and threat hunting.
  • Understanding of the intelligence cycle, analytical tradecraft, threat modeling, and research methodologies.
  • A strong desire to solve challenging and complex problems.
  • Strong deductive reasoning and critical thinking abilities.
  • Experience with CND-based analytical frameworks (e.g., Cyber Kill Chain, Pyramid of Pain, MITRE ATT&CK, etc.).
  • Experience delivering senior leader presentations and written products.
  • Excellent verbal and written communication skills, to include the ability to convey technical details in a clear and understandable manner to both technical and non-technical audiences.
  • Previous supervisory or management experience over a technical team.
  • Strong leadership qualities to include the ability to team-build, lead, mentor, and motivate others.
  • The ability to foster teamwork and collaboration across operational teams.
  • Strong planning and organizational skills for the purposes of prioritizing tactical/strategic initiatives and achieving goals.

Preferred:

  • Experience with leveraging Splunk or other big data analytic platforms.
  • Relevant certifications: GIAC (e.g., GCIH, GCIA, GCFA, etc.), CEH, CISSP, Security+.
  • Prior experience working in financial services or another highly regulated sector.
  • Experience managing a geographically dispersed workforce.

Location

Pensacola, FL or Vienna, VA (occasional travel between these locations is required)

Hours: Monday-Friday, 8:00AM-4:30PM EST

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET CLEARANCE REQUIRED.