Position Summary: The CERT Program is a world-class program within the SEI, a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. The CERT Program engages in cutting-edge research and development and develops and transitions disciplined approaches to improve the survivability and resiliency of the US Department of Defense, US Intelligence Community, federal civilian agencies, private sector organizations and their networked information systems. CERT supports government customers by developing and transitioning cutting-edge analysis techniques and tools, providing strategic advisement, and supporting tactical operations.
CERT is seeking a dynamic Security Operations Technical Manager (TM) who will lead, shape and manage the growth of a cutting edge security operations program. This candidate will be able to reason about complex problems, be an innovator, and a leader.
This candidate must be able to develop and execute a technical agenda and strategic roadmap to continually improve the state of the art and practice of Security Operations and Incident Management/Response. The TM will need to be able to communicate this technical vision and be capable of building consensus within the team and to maintain a successful culture built on high-quality and impactful customer work.
This approximately 20-person Security Operations team works from the SEI’s Pittsburgh and Arlington offices, and is embedded at USG facilities in the Washington DC-Baltimore area. The position of technical manager is responsible for all aspects of developing and executing the body of work to include setting the technical direction; managing financials; business development; and personnel issues.
This role reports to the Director of Monitoring and Response, a directorate in the CERT Division.
Minimum Qualifications and Requirements:
Education/Training: BS in a Computer Science or related scientific/technical field with ten (10) years’ experience, or equivalent combination of training and experience.
Experience: Experience listed above should include:
- Work in cyber security or intelligence operations;
- Prior responsibility managing a team comprising a total of at least 10 individuals with commensurate personnel and financial authority.
- These individuals should have had cyber operations roles.
Skills/Abilities: Working knowledge of:
- Current security challenges and threats faced by a subset of the following audiences: USG intelligence, defense, law enforcement, civilian departments, and critical infrastructure.
- USG mission’s areas/owners in cyber security.
- Community best practices in cyber operations and associated tools/techniques.
- Understanding of existing standards and models for security operations, incident response, intrusion analysis and cyber threat intelligence.
- Internet protocols, operations, and governance.
- International policies, frameworks, treaties and conventions.
- Set and implement a strategic direction for a technical area and group.
- Codify operational experience into best practices.
- Conduct technical project management.
- Brief strategic and technical topics to senior management and non-technical audiences;
- Sustain a team with business development activity.
- Foster professional growth and develop technical/professional leadership capabilities in technical staff.
Physical Mobility: Primarily sedentary in an office setting with some mobility. Requires travel to various domestic locations within the SEI and CMU community to include the SEI Arlington/Pittsburgh office; sponsor sites; conferences; and offsite meetings with routine frequency (up to one 2 day trip every week).
Environmental Conditions: Normal office conditions; close contact with computer display for extended periods of time.
Mental: The ability to: work meticulously with careful attention to detail; meet deadlines while working on multiple tasks – sometimes under pressure and with shifting priorities; deal collaboratively, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; develop and communicate innovative ideas; and excellent oral and written communication skills.
Other: Candidates will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
Preferred Qualifications and Requirements:
Education/Training: MS in a related technical field with ten (10) years of experience, or equivalent combination of training and experience.
Experience: Experience listed above should include:
- Working for or supporting the USG.
- Supporting multiple sponsors/customers.
- Supporting customers in an operational security environment such as incident response, intelligence, or a security operations center.
- Supporting elements of the critical infrastructure sectors or international NCSIRTs.
- Leading community building activities in the critical infrastructure, NCSIRT, or USG space.
- Establishing and defining processes for operational security organizations, and codifying best practices from community and operational experience.
- Leading workforce/capacity building projects.
- Prior responsibility in managing a team of 15-20 individuals with commensurate personnel and financial authority.
- Participation in public and closed community security forums through activities such as publication, presentation, collaborative security operations, and collaborative research.
- Experience leading work internationally.
- Practical experience leading, defining, or applying TTPs for cyber operations;
- Working knowledge of secure systems and network architecture practices.
Accountability: This position is accountable for the specification and execution of all any Incident Analysis technical area work plans and a subset of the SEI operational plan.
Direction: The individual in this position is expected to act autonomously using CMU, SEI, and CERT, defined policies, practices, and procedures. Additionally, this position will define those set for their technical area and influence those set for CERT.
Decisions: The individual in this position is expected to make strategic choices about the direction of the technical area that will be distilled into a technical agenda funded by a defined set of existing or new customers and implemented by a team hired to support the specifics tasking.
Supervisory Responsibilities: This position has ultimate supervisory responsibility over all staff in the technical area to include hiring, performance reviews, salary adjustments, task assignment, and setting the tone and culture of the group.
Job Functions or Responsibilities:
30% Manages group to effectively implement the SEI and task order work plans. Sets goals and objectives and manages operational and functional business activities. Develops, implements and tracks short and long term operational plans (financial, staffing, infrastructure, project).
30% Provides guidance to and monitors the success of team leads in meeting strategic and operational goals. Assesses performance of direct reports and makes salary recommendations for all staff within areas of responsibility. Provides oversight of team leads and their supervisory responsibilities of technical staff and conducting performance reviews. Responsible for recruitment, hiring, development and retention of all technical and support staff.
20% Sets technical agenda of the technical area. Leads planning process and contribute to the development the CERT strategic plan. Ensures regular update of technical area’s plan; reviews feasibility of plan, identifies risks and defines risk mitigation strategy. Articulates vision for internal and external audiences.
10% Identifies opportunities for new technical projects and manages start-up of new, high-priority technical programs of work. Works with Technical Director of Response and Monitoring to develop and implement a funding and transition plan for new work areas.
10% Directs organizational effectiveness and staff learning and development plans. Identifies operational success measures and process improvements. Leads corrective action.
100% Total Effort
Organizational Chart: Division Director, CERT < Monitoring and Response Technical Director < Security Operations Technical Manager.
Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran.