Job Requirements
Alexandria, VA
Public Trust Polygraph Unspecified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries
Job Description
Cybersecurity Lead
Alexandria, VA – Full Time – Public Trust & US citizenship required
The Cybersecurity Lead serves as the senior technical authority and on-site supervisor for the IT security contracting team supporting the Executive Office for Immigration Review (EOIR) Office of Information Technology (OIT). This senior dual-hat role operates with a 70% technical and 30% management focus. The Lead provides expert oversight for the entire incident response lifecycle, ensures compliance with Department of Justice (DOJ) guidelines, manages daily contractor tasking, and serves as the primary liaison to agency leadership.
Responsibilities:
Technical:
• Provide expert oversight for the entire incident response lifecycle, from initial detection and log correlation to final remediation and closure.
• Utilize Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.
• Exercise final decision-making authority on technical containment strategies during cybersecurity incidents.
• Oversee vulnerability management and scanning operations utilizing leading industry-standard tools.
• Perform initial assessments of Personally Identifiable Information (PII) incidents to determine spill severity and coordinate response actions with the Privacy Office and Office of General Counsel (OGC).
• Conduct deep-dive investigations of cyber incidents, equipment loss, and ticket queues to eliminate false positives and track threats.
• Proven technical command of SIEM/SOAR platforms, endpoint incident response tools, and network analytics systems.
• Direct experience executing and optimizing enterprise tools like Tenable.SC, Nessus Scanners, Splunk, JIRA, and ServiceNow.
Management:
• Serve as the primary on-site supervisor managing daily contractor tasks and workload for the team.
• Develop, maintain, and update critical cybersecurity programmatic blueprints, including the EOIR Incident Response Plan, Vulnerability Management Plan, and Insider Threat Plan.
• Translate technical incident data into high-level trend analysis, metrics, and "Lessons Learned" reports for agency leadership.
• Coordinate directly with the Justice Security Operations Center (JSOC) and Justice Management Division (JMD) regarding incident response, software demos, and cyber threat analytics.
• Monitor team deliverables to ensure full compliance with DOJ audit log retention and information system privacy awareness policies.
• Strong understanding of federal compliance frameworks, including OMB Circular A-130, FISMA (2014), and NIST SP 800-53 Rev. 5.
• Demonstrated supervisory ability to lead a small technical team under a disciplined program management framework.
• Excellent written and verbal communication skills, with the distinct ability to translate deeply technical cyber threats into human-readable executive briefings.
Requirements
• Degree: Bachelor’s Degree from an accredited institution.
• Experience: 3 to 10 years of hands-on experience in cybersecurity incident response, vulnerability management, or highly related federal security operations.
• Certification: DoD 8570/8140 IAT Level 2 certification
Additional Details
• Position Type: Full time
• Hours of Operation: Monday-Friday 7:00 AM – 5:00 PM EST
• Place of Performance: EOIR OIT, 4825 Mark Center Drive, Alexandria, VA 22311
• Security Clearance: Public Trust level security clearance & U.S. Citizenship required
• Salary: $110k
Alexandria, VA – Full Time – Public Trust & US citizenship required
The Cybersecurity Lead serves as the senior technical authority and on-site supervisor for the IT security contracting team supporting the Executive Office for Immigration Review (EOIR) Office of Information Technology (OIT). This senior dual-hat role operates with a 70% technical and 30% management focus. The Lead provides expert oversight for the entire incident response lifecycle, ensures compliance with Department of Justice (DOJ) guidelines, manages daily contractor tasking, and serves as the primary liaison to agency leadership.
Responsibilities:
Technical:
• Provide expert oversight for the entire incident response lifecycle, from initial detection and log correlation to final remediation and closure.
• Utilize Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.
• Exercise final decision-making authority on technical containment strategies during cybersecurity incidents.
• Oversee vulnerability management and scanning operations utilizing leading industry-standard tools.
• Perform initial assessments of Personally Identifiable Information (PII) incidents to determine spill severity and coordinate response actions with the Privacy Office and Office of General Counsel (OGC).
• Conduct deep-dive investigations of cyber incidents, equipment loss, and ticket queues to eliminate false positives and track threats.
• Proven technical command of SIEM/SOAR platforms, endpoint incident response tools, and network analytics systems.
• Direct experience executing and optimizing enterprise tools like Tenable.SC, Nessus Scanners, Splunk, JIRA, and ServiceNow.
Management:
• Serve as the primary on-site supervisor managing daily contractor tasks and workload for the team.
• Develop, maintain, and update critical cybersecurity programmatic blueprints, including the EOIR Incident Response Plan, Vulnerability Management Plan, and Insider Threat Plan.
• Translate technical incident data into high-level trend analysis, metrics, and "Lessons Learned" reports for agency leadership.
• Coordinate directly with the Justice Security Operations Center (JSOC) and Justice Management Division (JMD) regarding incident response, software demos, and cyber threat analytics.
• Monitor team deliverables to ensure full compliance with DOJ audit log retention and information system privacy awareness policies.
• Strong understanding of federal compliance frameworks, including OMB Circular A-130, FISMA (2014), and NIST SP 800-53 Rev. 5.
• Demonstrated supervisory ability to lead a small technical team under a disciplined program management framework.
• Excellent written and verbal communication skills, with the distinct ability to translate deeply technical cyber threats into human-readable executive briefings.
Requirements
• Degree: Bachelor’s Degree from an accredited institution.
• Experience: 3 to 10 years of hands-on experience in cybersecurity incident response, vulnerability management, or highly related federal security operations.
• Certification: DoD 8570/8140 IAT Level 2 certification
Additional Details
• Position Type: Full time
• Hours of Operation: Monday-Friday 7:00 AM – 5:00 PM EST
• Place of Performance: EOIR OIT, 4825 Mark Center Drive, Alexandria, VA 22311
• Security Clearance: Public Trust level security clearance & U.S. Citizenship required
• Salary: $110k
group id: 91133289