This job listing has expired and the position may no longer be open for hire.

Cyber Defense Operations Lead at Broadleaf, Inc. in Quantico, Virginia

Posted in Information Technology 30+ days ago.

Type: Full-Time





Job Description:

Broadleaf, Inc. has been featured as one of Inc. Magazine's "Top 5000 fastest growing companies": www.inc.com/profile/broadleaf

Founded in 2009 and headquartered in Virginia, Broadleaf is a Native Hawaiian Organization (NHO) owned small business. We are a mature 8(a) firm that has achieved Capability Maturity Model Integration (CMMI) Level 3 for Development, CMMI Level 3 for Services, and ISO 9001, ISO 27001, and ISO 14001 certifications. These quality improvement programs directly influence our management and technical solutions.
Unlike other small businesses, our certifications prove that we have mature processes and procedures which will be used to deliver a high-quality service to our clients.
 
What is an NHO?
A Native Hawaiian Organization (NHO) is a community service organization serving Native Hawaiians in the State of Hawaii that is a not-for-profit organization chartered by the State of Hawaii, is controlled by Native Hawaiians, and whose business activities will principally benefit such Native Hawaiians.
 
Our NHO’s Mission
Our NHO is a non-profit organization designed to benefit the people of Hawaii through the development and advocacy of Science, Technology, Engineering and Math (STEM) education and by promoting Hawaii’s role as America’s Gateway to the Pacific.
Our NHO supports this mission through an agenda that facilitates community resilience, development, and economic prosperity, and strengthens Hawaii’s relationships with its Asia-Pacific neighbors.


  • CDO support services include continuous monitoring, with data to include but not limited to network and host vulnerability scanning, IDS, firewall, network sensor tuning, and NetFlow/packet capture (PCAP). Collect and keep audit data in order to conduct a technical analysis relating to misuse, penetration, or other incidents.

  • Traffic analysis, vulnerability analysis, cyber threat hunting, wireless scanning, endpoint security analysis, network access control, network and computer forensics investigations, insider threat support, web traffic analysis, and various cybersecurity applications/tools installed on servers and workstations, to include maintenance and upkeep of the server.

  • Analysis reports, forensics investigations, trend reports. Analysis reports are conducted daily, covering the Security Information and Event Manager (SIEM), endpoint security, network access control, vulnerability scanners, and threat hunt operations. Analysis reports are produced daily covering 30 plus activities that are used to depict current network security and any anomalous activity.

EDUCATION REQUIREMENTS:


  • Bachelor's Degree in Information Technology, Information Systems Management, or Cybersecurity

BASIC QUALIFICATIONS:


  • Seven (7) years of managerial Computer Network Defense or Cyber Operations experience

  • Leading a team of 3 or more analysts in a cohesive and collaborative effort to proactively and reactively defend an enterprise network

  • Proactively working with appropriate teams to implement and test new detection rules and procedures.

  • Lead incident after-action reviews/postmortems and produce reports and briefs fit for senior officials

  • Lead a response that begins with alerting and proceeds through investigation, identification, hunt, clear, defend, evidence collection, and report production

  • Knowledge of DISA Security Technical Implementation Guides, NIST SP 800-61, CJCSM 6510.01B, United States Cyber Command guidelines, and other applicable DoD Cybersecurity and Computer Network Defense policies

  • Experience developing and reporting metrics, preferably in a near-real time dashboard or common operating picture.

  • Develop, maintain, and provide a weekly brief that captures all of the cyber events including metrics and trends

  • Be able to maintain TS/SCI clearance and access to required commercial and/or DoD systems including NIPRNet, SIPRNet, and JWICS

  • Liaise with internal and external partners at all levels, government and private sector, in order to benefit the organization and provide for more uniform situational awareness and common defense

  • Lead SOC shift change briefings

  • Correlate warning intelligence and attack sensing and warning (AS&W) data to search for advanced, persistent, and coordinated threats across the enterprise

  • Analyze impact of cyber warning intelligence and AS&W

CERTIFICATION(S):


  • IAT Level III REQUIRED

  • CSSP-Manager Preferred

CLEARANCE LEVEL:


  • Active TS/SCI Clearance

WORK ENVIRONMENT AND PHYSICAL DEMANDS:


  • This is a partial Telework position

BENEFITS:


  • Health, Dental, Vision, 401K Matching, AD&D Insurance

EEO Employer F/M/Vet/Disabled




