Cybersecurity/Technical Operations Lead

Joint Base Andrews, Maryland, United States

Full Time
phia LLC logo
phia LLC
Apply now Apply later

Posted 1 month ago


phia, LLC is seeking a highly skilled Cybersecurity/Technical Operations Lead to join team of qualified, diverse individuals.The technical lead will serve as a subject matter expert – within a federal security operations center (SOC) – capable of solving complex security issues, identify, recommend, and develop capabilities to cover security gaps, assist in enhancing processes and procedures. The customer’s mission is to deliver effective, high quality, innovative cybersecurity services and solutions that reduce risk and protect the IT infrastructure, systems, and data across the agency in a dynamic threat environment. This job is located in Hancock County (Stennis), Mississippi. The anticipated start timeframe for this position is late summer/early fall of 2020. Duties include the following:


  • Provide subject matter technical knowledge and analysis to support across the customer’s SOC; collaborate with various key personnel to include the SOC manager, team leads, and senior management
  • Recommend improvements, enhancements and/or changes to the SOC infrastructure, tools, and facilities to the Government SOC Manager and the appropriate SOC change management boards
  • Implement the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework for Intelligence Operations
  • Support the design and deployment of incident response security solutions to facilitate a comprehensive defense-in-depth strategy and intrusion defense chain methodology
  • Provide engineering and technical assistance to support vulnerability scans, penetration testing, vulnerability analysis, scan analysis, and security analysis
  • Assist internal users of Splunk in designing and maintaining production-quality dashboards
  • During times of increased ticket volume, significant security events, or schedule shortages, perform various analysis to include cyber threat intel, network, host/media, malware, HUNT/IR analysis
  • As needed, create finished written products to include threat analysis, technical analysis, and white papers
  • In support of the PM and SOC manager, serves as the highest technical escalation point of all technical issues
  • Keep current with new methodologies of analysis (e.g. HUNT/IR in the cloud) that can be applied to the SOC environment and advances in relevant security tools, technologies, and platforms
  • Act in a consultative manner, proactively searching for creative solutions and strategies
  • Participate in announced tabletop exercises and unannounced security exercises on a quarterly and annual basis.



  • Bachelor of Arts or Bachelor of Science in Computer Science or related field
  • 5+ years of experience in security engineering/security operations, HUNT/IR, and cyber threat analysis
  • Certifications (one or more required): ISC2 CISSP, CISM, Certified Ethical Hacker (CEH) certifications or other comparable
  • Strong analysis skills with a variety of data (e.g. pcap, netflow) and logs (e.g. web, host)
  • Experience with a wide range of security tools and technologies to include Swimlane/SOAR, Splunk, MISP, Tenable, AWS security/IR, threat intel platforms (TIPS), etc.
  • Experience with at least one scripting language such as JavaScript, Python, Perl, Groovy, Rudy, etc.
  • Possess strong written and verbal communication skills
  • Experience with presenting in front of senior federal management is a plus
  • Working knowledge cybersecurity frameworks such as ATT&CK and information security best practices such as NIST special publications related to security operations.
  • Must be U.S. Citizen


  • Experience supporting a large, dynamic SOC as an analyst
  • Familiarity with DHS and the accreditation process of a CNDSP
  • Unique ability to connect with the cyber defense community

WORK SCHEDULE: Monday-Friday, core hours

TRAVEL: Up to 15%

TELEWORK ELIGIBILITY: Based on contract and customer requirement

SECURITY REQUIREMENTS: Must have active Top Secret with SCI eligibility



phia, LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer’s missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia offers excellent benefits for full time W2 candidates to enhance the work-life balance, these include the following:

  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance
  • Flex Spending Accounts (FSA)
  • Parking Reimbursement
  • Monthly Payroll
Job tags: Architecture AWS CEH CISM CISSP Cyber defense Incident response JavaScript Malware NIST Penetration testing Perl Python Splunk Strategy Top Secret