Security Operations Manager

Location: Washington, DC, US

Employment Type: FULL_TIME

Overview

Empower AI is AI for government. Empower AI gives federal agency leaders the tools to elevate the potential of their workforce with a direct path for meaningful transformation. Headquartered in Reston, Va., Empower AI leverages three decades of experience solving complex challenges in Health, Defense, and Civilian missions. Our proven Empower AI Platform® provides a practical, sustainable path for clients to achieve transformation that is true to who they are, what they do, how they work, with the resources they have. The result is a government workforce that is exponentially more creative and productive. For more information, visit www.Empower.ai.

Empower AI is proud to be recognized as a 2024 Military Friendly Employer by Viqtory, the publisher of G.I. Jobs. This designation reflects the company’s commitment to hiring and supporting active-duty and veteran employees.

Responsibilities

Overview:

This effort provides Operations and Maintenance (O&M) of mission-critical IT systems for the Department of State, Consular Affairs (CA), supporting 10,000 users across 230 overseas posts, 29 domestic passport agencies, and multiple data centers.

The Security Operations Manager (SEC) shall serve as the Security Operations team leader (est 10 technicians) for operational activities required to maintain the CA production system security posture in compliance with the Department of State Information Assurance and Compliance policies.

 Responsibilities:

• Responsible for the day-to-day acquisition and asset management operations in the CA EOC.
• The Security Operations team is responsible for supporting the Assessment & Authorization (A&A) process in coordination with CA/CST’s ISSO team.
• This includes (but is not limited to):
  • Managing security monitoring,
  • POA&M remediation maintaining standard security configurations in compliance with DOS security standards,
  • Managing incident response,
  • Supporting security posture assessment and cyber hygiene activities,
  • Managing centralized logging and threat analysis, and
  • Ensuring consistent, comprehensive and timely patching across the environment
• Performs and/or reviews technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommends mitigation strategies.
• Provides the technical and management support necessary to train and certify personnel to execute assessments.
• Validates and verifies system security requirements definitions and analysis and establishes system security designs.
• Provides the technical and management support necessary to baseline, evolve, and sustain and execute vulnerability assessments and defense assessments.
• Designs, develops, implements and/or integrates security systems and system components, including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
• Supports the building of security architectures.
• Assesses and mitigates system security threats/risks throughout the program lifecycle.
• Provides the technical and management support necessary to baseline, evolve, and sustain CA infrastructure, data, and processes.
• Collaborate with Engineers, Project and Product Managers to acquire and manage infrastructure assets.
• Ability to meet deadlines and satisfy requirements from other Engineers and Project Management
• Provides the coordination between resource managers/supervisors and ensures all necessary reviews and approvals are received.
• Communicate effectively and efficiently across all CA stakeholders including with the business, technical teams, and leaders.
• Take technical ownership of tasks and successfully work independently.
• Performs related duties as assigned.

Qualifications

Required

• BA/BS in business management or related discipline or equivalent experience.
• Possesses a Top Secret
• Possesses a Certified Information Systems Security Professional (CISSP) certification.
• A minimum of five (5) years of experience with all phases of IA and accreditation processes, securing IT systems and services using Government and industry IA standards, policies, guidelines, and best practices.
• Demonstrated experience managing and leading a security operations staff with skills applicable to a project environment similar in size and scope referenced in this task.
• Demonstrated experience successfully managing information security risks to include completing the entire A&A process including receiving Authority to Operate (ATO) for the cloud.

Desired:

• Demonstrated experience with encryption devices and procedures as they relate to networks and data.

Work Environment: 

• May require occasional travel between work centers or to client sites.
• Some after-hours or on-call support may be necessary.
• On-site work in a secure government or contractor facility.
• Must be able to work in a high-security environment and comply with all relevant security protocols.
• Standing for long periods.
• Ambulate throughout an office
• Ambulate between several buildings
• Stoop, kneel, crouch, or crawl as required
• Repeatedly lift and carry weight up to 30 pounds
• Travel by land or air transportation 10 %

About Empower AI

All hiring and promotion decisions at Empower AI are based on merit to bring the best talent available to contribute to our firm’s overall success. It is the policy of Empower AI not to discriminate against any applicant for employment, or employee because of age, color, sex, disability, national origin, race, religion, or veteran status. Empower AI is a VEVRAA Federal Contractor.