Cybersecurity Lead Manager

ASRC Federal is a leading government contractor furthering missions in space, public health and defense. As an Alaska Native owned corporation, our work helps secure an enduring future for our shareholders. Join our team and discover why we are a top veteran employer and Certified Great Place to Work™

ASRC Federal is hiring a Cybersecurity Lead Manager (SIEM & Enterprise Operations Focus) to support the Department of Defense Education Activity (DoDEA) Enterprise Cybersecurity Support Services contract. This position is located onsite in Alexandria, VA.

Position Summary

The Cybersecurity Lead Manager will provide program management, technical leadership, and cybersecurity onsite (Alexandria, Virgina) oversight in support of the Department of Defense Education Activity (DoDEA) Enterprise Cybersecurity Support Services contract.

This individual serves as the primary interface with Government leadership, responsible for ensuring successful execution of all Performance Work Statement (PWS) objectives, including:

• Risk Management Framework (RMF) Assessment & Authorization (A&A)
• Cybersecurity Engineering and Operations
• Vulnerability Management
• Application Security and Incident Response
• Technical Documentation and Reporting

The Cybersecurity Lead Manager will ensure delivery of secure, compliant, and mission-aligned cybersecurity services across DoDEA's global enterprise environment.

Key Responsibilities

1. Program Management & Contract Execution

• Serve as the primary point of contact (POC) for the Government COR and stakeholders.
• Develop, maintain, and execute the Program Management Plan (PMP), including:
• Risk-adjusted schedules
• Staffing and resource planning
• Communications management
• Lead weekly status reporting, monthly reporting, and program review briefings.
• Ensure all deliverables meet PWS requirements, timelines, and Acceptable Quality Levels (AQLs).
• Manage contractor personnel, including performance oversight and task prioritization.

2. RMF & A&A Oversight (Objective 1)

• Oversee execution of RMF Assessment & Authorization (A&A) activities.
• Ensure completion and quality of:
• System Security Plans (SSPs)
• Security Assessment Plans (SAPs)
• Security Assessment Reports (SARs)
• Plans of Action & Milestones (POA&Ms)
• Provide guidance on continuous monitoring strategies and near real-time risk management.
• Ensure proper use of eMASS for documentation and tracking.

3. Cybersecurity Engineering & Operations (Objective 2)

• Provide leadership for enterprise cybersecurity architecture and operations.
• Oversee implementation and sustainment of:
• IDS/IPS, HBSS, firewalls, VPNs, and endpoint security
• Cloud security architecture (AWS, Azure, etc.)
• Lead advanced analysis of logs, network traffic, and system artifacts during incidents.

SIEM Leadership (Critical Focus Area)

• Oversee Security Information and Event Management (SIEM) capabilities, including:
• Development of detection use cases, alerts, and correlation rules
• Integration of threat intelligence and indicators of compromise (IOCs)
• Optimization of monitoring policies across SIEM, EDR, IDS, and cloud systems
• Ensure effective log aggregation, normalization, and monitoring across enterprise systems.
• Drive improvements to real-time monitoring and alerting capabilities supporting CSOC operations.

4. Vulnerability Management (Objective 3)

• Oversee enterprise vulnerability assessment and remediation programs.
• Ensure compliance with:
• IAVM / IAVA requirements
• DISA STIGs and SCAP tools
• Provide leadership on threat tracking, risk prioritization, and remediation strategies.
• Support development of dashboards and reporting for DoDEA leadership.

5. Incident Response & Application Security (Objective 4)

• Lead Tier 3 incident response support and forensic investigations.
• Oversee:
• Security testing (penetration testing, SRR, code scanning)
• DevSecOps security integration
• Ensure rapid detection, analysis, and containment of cybersecurity incidents.

6. Technical Writing & Documentation (Objective 5)

• Oversee development of:
• Policies, SOPs, IT directives, and technical documentation
• Service catalogs and SLAs
• Ensure all documentation is accurate, compliant, and aligned with DoDEA standards.

Leadership & Team Oversight

• Provide leadership and direction to:
• SIEM engineers
• ISSOs
• Cybersecurity engineers
• Technical writers
• Ensure personnel meet DoD 8140 / IAT Level II/III certification requirements.
• Mentor team members and drive continuous improvement.

Required Qualifications:

• U.S. Citizenship
• Active SECRET clearance
• Bachelor's degree and 5-7 years of experience, in a related field, or equivalent combination of education and experience.
• Project Management Professional (PMP) certification
• Certified Information Systems Security Professional (CISSP)
• Cisco Certified Network Professional (CCNP) (or equivalent)
• Must meet DoD ADP Level II / IAT Level II or higher requirements.
• Must comply with all DoD cybersecurity policies and training requirements

Experience Requirements:

• Demonstrated experience supporting DoDEA or similar DoD cybersecurity environments
• Proven experience leading enterprise cybersecurity programs
• Strong background in:
• RMF / A&A processes
• Cybersecurity engineering and operations
• SIEM and security monitoring
• Incident response and vulnerability management

Technical Expertise:

• SIEM platforms (e.g., Splunk, Sentinel, or equivalent)
• Log management, correlation rules, and alerting
• Network security tools (IDS/IPS, firewalls, HBSS)
• Cloud security (AWS, Azure)
• Vulnerability scanning tools (ACAS, SCAP)
• eMASS and RMF documentation processes

We invest in the lives of our employees, both in and out of the workplace, by providing competitive pay and benefits packages. Benefits offered may include health care, dental, vision, life insurance; 401(k); education assistance; paid time off including PTO, holidays, and any other paid leave required by law. The salary offered will depend on several factors including, but not limited to, relevant experience, skills, education, geographic location, internal equity, business needs, and other factors permitted by law. Posted pay ranges are a general guideline only and are not a guarantee of compensation or salary.

EEO Statement

ASRC Federal and its Subsidiaries are Equal Opportunity employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.