Cybersecurity Service Provider (CSSP) Operations Team Lead jobs in United States

Computer World Services Corp. (CWS) · 6 hours ago

Cybersecurity Service Provider (CSSP) Operations Team Lead

Computer World Services Corp. (CWS) is seeking a Cybersecurity Service Provider (CSSP) Operations Team Lead to oversee a 24/7 cyber operations team. The role involves directing cybersecurity monitoring, incident response, and vulnerability management while ensuring compliance with various cybersecurity requirements.

Computer, Information Technology, Software, Virtual Reality
Senior Management
No H1B, Security Clearance Required, U.S. Citizen Only

Responsibilities

Lead, coordinate, and manage the 24/7 cyber operations team responsible for monitoring, detection, triage, and response across all network enclaves
Serve as senior operational authority for active cyber events, incident escalation, and enterprise security actions
Provide daily supervision, scheduling, and direction to CSSP operations staff in support of continuous monitoring requirements
Maintain situational awareness of cyber threats, adversarial activity, and operational risk across the environment
Provide expert-level technical direction, strategic advice, and operational guidance for all CSSP mission areas
Lead operational planning, milestone development, risk assessments, and major technical decisions
Oversee complex or mission-critical cybersecurity programs and ensure all technical requirements are met
Interface with senior Government leadership for incident reporting, operational decisions, and program priorities
Supervise junior staff and mentor technical team members
Oversee 24/7 security event monitoring, log correlation, anomaly detection, and analysis of alerts
Ensure rapid detection of threats involving malware, unauthorized access, data exfiltration, insider activity, and network exploitation
Utilize SIEM platforms (e.g., ArcSight) and IDS/IPS technologies for real-time analysis
Act as the central POC for Computer Emergency Response
Lead incident investigations, containment, eradication, and recovery actions
Provide internal and external incident reporting IAW DoD requirements
Support DoD-CERT and JFHQ-DODIN direction during cyber events
Operate and manage enterprise vulnerability scanning platforms (ACAS)
Conduct monthly scans, IAVA processing, remediation tracking, and POA&M development
Perform STIG compliance checks and secure baseline validation
Oversee the operation and maintenance of enterprise security technologies including:
IDS/IPS
Endpoint Security System (ESS)
ACAS
Network perimeter defense tools
Traffic monitoring and forensic systems
Penetration testing solutions
SIEM tools
Ensure performance, tuning, and configuration are optimized and aligned with Zero Trust architecture
Perform audits on servers, workstations, network devices, and enclave infrastructure
Ensure compliance with:
DoDI 8500.01 (Cybersecurity)
DoDI 8510.01 (RMF)
DoDD 8140.01
DISA STIGs
IAVA requirements
CJCSM 6510.01
JFHQ-DODIN and U.S. Cyber Command directives
Conduct Security Readiness Reviews (SRRs) and validate secure configurations
Support the development and execution of a Cybersecurity Compliance Plan ensuring confidentiality, integrity, and availability (CIA) of Government systems
Participate in continuous monitoring and scoring programs including CMRS, Cyber Threat Score, Cyber Top 10, etc.
Develop and maintain:
POA&Ms
AORs
Security Override Letters
Operational reports
Incident summaries
Vulnerability analysis reports
Ensure timely reporting and corrective action planning for all non-compliance findings
Enforce strict change control procedures to prevent unauthorized system, network, and application changes
Ensure compliance with DoD-approved ports, protocols, and services (PPS) configurations
Evaluate emerging technologies and recommend improvements to operational processes, monitoring capabilities, and threat detection techniques
Develop advanced operating procedures, troubleshooting guides, installation guides, and security documentation

Qualifications

Cybersecurity Operations Leadership, Incident Response Management, Vulnerability Management, SIEM Proficiency, DoD Cybersecurity Compliance, Security Infrastructure Support, Communication Skills, Team Supervision, Technical Direction, Emerging Technology Evaluation, Change Control Management, Audit Support, Documentation Skills

Required

Bachelor's degree in a related field
Ten (10) years of experience in Information Technology
At least eight (8) years of experience as a Security Administrator or in a similar technical role, or a closely related IT discipline involving oversight of large, complex, multi-site programs
CISSP or equivalent required
Information Assurance Technical (IAT) II required
Computing Environment (CE) certification relevant to Microsoft, Linux, Cloud, or other privileged access technologies (required)
ITIL required
Must maintain all mandatory certifications
Must be a U.S. Citizen
Selective Service registration required (if applicable)
Top Secret Security Clearance required
Must maintain fitness and eligibility for national security positions
Expert understanding of DoD cyber defense, enterprise security tools, and mission operations
Demonstrated ability to lead high-tempo cyber operations teams in a 24/7 environment
Strong communication skills to interface with senior Government leadership
Ability to balance mission urgency with compliance and structured processes
Advanced knowledge of SIEM, IDS/IPS, ESS, ACAS, STIGs, Zero Trust, and enterprise security architecture

Preferred

Graduate-level degree preferred
Equivalent experience and industry certifications may substitute for formal education

Company

Computer World Services Corp. (CWS)

Computer World Services Corp. is an information technology company specializing in end-to-end network operations and IT solutions.

Funding

Current Stage
Growth Stage

Leadership Team

Farrukh Hameed
Founder and CEO
Company data provided by crunchbase