World Wide Technology

Defensive Cyber Operations Lead

World Wide Technology, Chantilly, Virginia, United States, 22021


Job Description: The Defensive Cyber Operations Lead will lead cybersecurity operations for a classified, enterprise-scale Managed Service Provider (MSP) contract delivering network access, desktop services, and cloud capabilities. The selected candidate will oversee cyber threat detection, incident response, and continuous cyber defense improvements across complex hybrid environments.

Responsibilities:
- Lead a multi-partner DCO team consisting of cyber security engineers and analysts responsible for monitoring, threat detection, incident response, and cyber threat intelligence integration.
- Align DCO capabilities with Zero Trust Architecture principles, including identity-centric access control, segmentation, and continuous verification strategies.
- Integrate network management platforms into the defensive cyber posture to enhance cyber visibility and support ZTA.
- Collaborate with architecture and engineering teams to implement ZTA-aligned monitoring, policy enforcement, and data protection controls.
- Develop, maintain, and enhance SIEM, IDS/IPS, EDR, and vulnerability management platforms to detect and respond to security threats in real time.
- Analyze logs, traffic, and telemetry to detect abnormal behavior and indicators of compromise (IOCs).
- Coordinate and lead incident response activities including triage, containment, forensics, eradication, and recovery.
- Implement and document proactive defense strategies aligned with NIST 800-53, RMF, and other relevant frameworks.
- Work with Network, Cloud, and Desktop teams to harden the IT environment and integrate security into all layers of service delivery.
- Develop defensive playbooks and standard operating procedures.
- Brief leadership and customers on emerging threats, incident postmortems, and operational metrics.
- Provide mentorship to junior analysts and ensure knowledge transfer across the DCO team.

Requirements:
- Active Top Secret SCI clearance with CI Poly.
- Bachelor's degree in Cybersecurity, Information Systems, or related field with 8+ years of relevant experience.
- 3+ years in a leadership or technical lead role.
- Understanding of network protocols and network management platforms.
- Demonstrated knowledge and practical experience supporting the transition to Zero Trust Architecture.
- Familiarity with Zero Trust pillars: identity, device, network/environment, application workload, and data.
- Proven experience with cybersecurity monitoring and incident response operations in large enterprise or government environments.
- Hands-on experience with SIEM tools, EDR, and cloud-native security controls.
- Strong understanding of RMF, NIST SP 800-53, STIGs, and FedRAMP compliance requirements.
- Industry certifications such as CISSP, CEH, GCIH, GCIA, or equivalent.

Desired:
- Experience supporting MSP environments and multi-tenant architectures.
- Familiarity with Zero Trust security frameworks and implementations.
- Scripting or automation experience.
- Cloud certifications.

We offer a competitive salary range of $175,000 to $210,000 annually, as well as a comprehensive benefits package, including health and wellbeing programs, financial benefits, paid time off, and additional perks.

Equal Employment Opportunity: World Wide Technology is an equal opportunity employer and welcomes applications from diverse candidates.
