REQ#: RQ214805Public Trust: Other Requisition Type: Regular Your Impact

Own your opportunity to work alongside federal civilian agencies. Make an impact by providing services that help the government ensure the well being of U.S. citizens.

Job Description

Overview: 

GDIT is seeking a highly experienced Cyber Security Manager to lead and unify two critical teams: Security Operations (SecOps) and Cyber Security Compliance (Risk Management). This leadership position supports GDIT’s contract with the Administrative Office of United States Courts – Administrative Office Technology Office (AOUSC-AOTO) in Washington, DC.

The successful candidate will serve as the primary bridge between technical operations and governance, supervising a diverse team of Engineers and Analysts. You will be responsible for the strategic oversight of the AOTO enterprise-wide defense-in-depth posture, ensuring that daily security operations (Incident Response, Vulnerability Management) align seamlessly with federal compliance mandates (NIST RMF, JISF). 

Responsibilities: 

The Manager will provide direct supervision to the Security Operations and Compliance teams, fostering a collaborative environment that integrates real-time threat defense with long-term risk management.

Leadership & Strategy:

Provide day-to-day leadership, mentorship, and resource management for the SecOps and Compliance teams.Act as the primary liaison between the technical teams and the AOTO Information Security Officer (ISO) and Government Leads.Develop and execute strategic security plans that align technical capabilities (SIEM, Firewalls) with policy requirements (NIST 800-53, JISF).Synthesize data from Security Operations and Compliance activities to provide executive-level reporting on the organization's risk posture, security trends, and program health.

Security Operations Oversight:

Oversee the 24/7/365 efficacy of security tools and operational activities, including Incident Response (IR), Intrusion Detection/Prevention, and SIEM management (Splunk).Ensure timely triage, investigation, and remediation of security events, serving as the escalation point for critical incidents.Direct the Vulnerability Management program, ensuring scans are conducted, analyzed, and remediation efforts are coordinated effectively across cross-functional IT teams.Manage the implementation and maintenance of security infrastructure (Next-Gen Firewalls, Endpoint Protection, Web Gateways).

Compliance & Risk Management Oversight:

Supervise the full lifecycle of Assessment & Authorization (A&A) activities, ensuring systems maintain Authority to Operate (ATO) in accordance with the Judiciary Information Security Framework (JISF) and NIST RMF.Oversee the development and maintenance of System Security Plans (SSPs), POA&Ms, and other critical security documentation in the CSAM tool.Ensure that new and existing systems integrate security controls early in the SDLC (Security by Design) and meet auditing requirements.Review and approve policy updates, Standard Operating Procedures (SOPs), and Concept of Operations (CONOPS) documents.

Program Management:

Manage the IT Security Awareness Training and Phishing Simulation program, ensuring continuous improvement and high user engagement.Collaborate with AOTO project managers and system owners to ensure security resources are appropriately allocated to ongoing projects.Maintain awareness of emerging threat intelligence and regulatory changes to proactively adapt the program’s defense and compliance strategies.

Qualifications: 

REQUIRED SKILLS:

At least 10 years of progressive IT security experience, with a minimum of 3-5 years in a leadership or management role supervising teams.Understanding of Security Operations architectures (SIEM, Firewall, IDS/IPS, Vulnerability Scanning) and Incident Response lifecycles.Experience coordinating and overseeing the implementation of security projects.Ability to manage diverse teams, prioritize conflicting demands, and drive performance towards meeting SLA/contractual requirements.Excellent oral and written communication skills, with the ability to translate complex technical issues into business risks for senior management and government stakeholders.Familiarity with enterprise tools such as Splunk, Nessus, CSAM, and Patch Management systems is a plusKnowledge of risk management framework pertaining to IT Security a plusKnowledge of general management and auditing techniques for identifying problems, gathering and analyzing pertinent information, forming conclusions, developing solutions and implementing plans consistent with management goals.

EDUCATION/CERTIFICATIONS:

Bachelor’s degree required, Master’s degree preferred and a minimum of 10 years of progressive IT experience or equivalent experience.One industry-recognized project management certification such as: Agile Certified Practitioner (ACP) or Project Management Professional (PMP) a plusITIL Foundations Certification a plusCertifications relating to IT Security (CISSP, GIAC, Security+) a plus