Cyber Security Operations Manager

Company Name: BWX Technologies

Location: Lynchburg, VA, US - 24501

Job Duration: 2021-04-08 to 2021-05-08

Overview

At BWX Technologies, Inc. (NYSE: BWXT), we are People Strong, Innovation Driven. Headquartered in Lynchburg, Va., BWXT provides safe and effective nuclear solutions for national security, clean energy, environmental remediation, nuclear medicine and space exploration. With approximately 6,400 employees, BWXT has 12 major operating sites in the U.S. and Canada. We are the sole manufacturer of naval nuclear reactors for U.S. submarines and aircraft carriers. Our company supplies precision manufactured components, services and fuel for the commercial nuclear power industry across four continents. Our joint ventures provide environmental remediation and nuclear operations management at more than a dozen U.S. Department of Energy and NASA facilities. BWXT’s technology is driving advances in medical radioisotope production in North America and microreactors for various defense and space applications. Follow us on Twitter at @BWXTech and learn more at www.bwxt.com.

 

BWXT is currently seeking a Cyber Security Operations Manager for its Lynchburg, VA location!

 

The Cyber Security Operations Manager leads the corporate cyber security operations team.  The ideal candidate will be highly motivated, a seasoned expert with experience leading a security operations center (SOC) that is interested in achieving excellence and enjoys mentoring cyber security professionals at all stages of their careers.

 

Job Description/Duties:

  • Manage the team that monitors the security defenses of the corporate network, detects events of interest and indicators of compromise, and responds to incidents.  This will require supervision of cyber security professionals, evaluating employee performance, developing a strategy for continuous improvement of the security operations capability, and motivating and coaching team members.
  • Lead the Cyber Security Incident Response Team (CSIRT), coordinates the actions of first responders, and communicates incident reports to Senior IT Management.
  • Ensure the implementation and maintenance of security operations platforms on supported versions, within license agreements, configured to optimize effectiveness, and integrated to optimize efficiency.
  • Manage vendor relationships with key technology partners and actively participates in the procurement process of new technologies and renewals of existing technologies.
  • Participate in project teams to define security requirements and collaborates with peer managers in IT to ensure solutions integrate with the existing architecture and achieve desired purpose.
  • Plan and manage the Cyber Security Operations budget to ensure resources are invested effectively and budget status is accurately reported to senior IT management.
  • Manage all phases of security projects from conception to closure, including coordination of resources in other areas of IT required to support the project.
  • Participate in IT project management and steering committees to ensure Cyber Security concerns are considered during the planning and execution of IT projects and business initiatives led by the IT Project Management Office (PMO).
  • Produce metrics for reporting security operations performance to the Chief Information Officer (CIO).
  • Identify and document specific threats to information systems and information, develops and documents additional or modified protection measures for those threats, and obtains approvals for the modified protection measures.  Brings local Cyber Security issues, vulnerabilities, and compliance problems that have not been adequately addressed to the attention of the Sr. IT Manager, Cyber Security. 

 

Job Qualifications/Requirements:

  • A minimum of a Bachelor’s degree in a related Information Technology field is required.
  • Must possess at least ten (10) years of related experience.
  • Must have experience leading and working in a mature security operations center (SOC).
  • Must have experience conducting and coordinating penetration tests, leading incident response teams, tabletop exercises, and performing incident simulations.
  • Must be familiar with attacker lifecycles, TTPs, and industry standards, such as the MITRE ATT&CK® framework.
  • Must have a working knowledge of IT system architectures, including technology infrastructure, data, and applications.
  • Must understand best practices for securing virtual infrastructure, operating systems, databases, applications, and externally hosted (aka "cloud") solutions.
  • Must have excellent communications skills in order to effectively interact with business, IT personnel, and Government agencies.
  • Must currently hold a related certification, such as CISSP, GSLC, CISA, CISM, CCSP, or CRISC.  The PMP certification is also desirable.
  • Must be able to maintain confidentiality when working with sensitive information.
  •  Prior experience with monitoring the security of cloud infrastructure (AWS, Azure, Google Cloud, etc.) and collaboration environments (ex:  Microsoft 365) is desirable
  • Prior experience with secure development practices or working in a DevSecOps environment is a plus.
  • Must be able to maintain confidentiality when working with sensitive information.
  • Ability to obtain and maintain a DOE security clearance is required.
  • Must be a U.S. citizen with no dual citizenship.

 

Applicants selected will be subject to a Federal background investigation and must meet eligibility requirements for access to classified information or matter. Position requires U.S. citizenship with (no dual citizenship) ability to obtain and maintain a Department of Energy (DOE) security clearance which involves an extensive criminal and financial background investigation, drug test and previous employment reference verifications.

BWXT supports diversity and is committed to the concept of Equal Employment Opportunity. We have established procedures to ensure that all personnel actions such as recruitment, compensation, career development, benefits, company-sponsored training and social recreational programs are administered without regard to race, color, religion, gender, national origin, citizenship, age, disability or veteran status.

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf

https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf