Top Secret/SCI
IT - Security
Remote/Hybrid•Remote (excluding ND (On-Site/Office)
About us
One team. Global challenges. Infinite opportunities. At Viasat, we're on a mission to deliver connections with the capacity to change the world. For more than 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the globe communicate. We're looking for people who think big, act fearlessly, and create an inclusive environment that drives positive impact to join our team.
What you'll do
Become a leader in our mission to connect the world securely. The Cyber Security Operations Manager will lead and mentor security operations practitioners in the fields of cyber forensics, network traffic analysis, malware analysis, and compliance support. The Cyber Security Operations Manager must be capable of directing investigations and organizing operations to assist in containment and remediation efforts.
Candidates for this position must enjoy working as part of a highly skilled technical team in a rapidly changing environment, be innovative and creative in detection tactics and techniques, and have a passion for protecting client data and corporate assets from advanced threats.
- Lead, mentor, and develop a high-performing team of security analysts, incident responders, and threat hunters.
- Foster a culture of continuous learning and collaboration.
- Manage performance, provide regular feedback, and support career development for direct reports.
- Define, monitor, and report on key performance indicators (KPIs) and service level agreements (SLAs) for SOC operations.
- Manage the team responsible for the US Government-focused element of a Global SOC, with a focus on sensitive US Government programs and services.
- Collaborate and partner with non-US members of a Global SOC to ensure consistency of practice. On occasion, work expanded hours to accommodate team members in other time zones.
- Manage incidents escalated by Network and Service teams, SOC Analysts, and Major Security Incidents.
- Manage detailed incident response workflows, lead critical security incident response investigations, and work with asset owners, stakeholders, the SOC team, and relevant senior leadership to develop and execute remediation plans. Influence and interface directly with cybersecurity detection engineering, cyber threat intelligence, and security tooling teams by providing guidance on key security monitoring needs.
- Lead technical meetings and working groups to address issues related to malware, threats, vulnerabilities, incidents, and cybersecurity preparedness.
- Work with external networking, software, platform, and other application teams to ensure the SOC has a firm understanding of the environments it is monitoring.
- Lead post-incident reviews and develop after-action reports.
- Lead the development of incident-related communications, including incident response reports, incident status updates, and implementation of lessons learned after an incident.
- Interface directly with customers on behalf of operations, such as providing intelligence summaries for awareness and assessment of applicability to the organization to determine if the customer needs to act to mitigate (e.g., industry-wide breaches, zero-days that would impact the organization, global threats, etc.).
- Manage day-to-day activities of the SOC Team regarding Security Monitoring, Investigations and Response, and Threat and Vulnerability Intelligence.
- Lead the SOC team in researching and leveraging cybersecurity best practices to improve SOC incident detection and response capabilities.
- Articulate security incident details to business stakeholders and non-technical individuals.
- Proactively identify and address gaps in security visibility across diverse and complex network environments.
The day-to-day
- Collaboration with non-US members of a Global SOC to ensure consistency of practice
- Management of incidents escalated by Network and Service teams
- Management of detailed incident response workflows and leadership of critical security incident response investigations
- Performing post-incident reviews and development of after-action reports
- Management of day-to-day activities of the SOC Team
What you'll need
- 5+ years of experience in security operations domains, including incident analysis, security architecture, cyber intelligence, SOC, and/or any other similar incident response experience.
- 3+ years of managerial experience or relevant program/project management experience for technical teams
- Team-oriented and skilled in working within a collaborative environment, with familiarity with Agile Scrum and the Product Owner role
- Deep expertise in identifying and addressing security visibility gaps within enterprise network and cloud environments.
- Extensive experience with SIEM platforms, including use case development and optimization.
- Solid written and verbal communication skills with the ability to present ideas in business-friendly and user-friendly language.
- Ability to effectively multi-task, prioritize and execute tasks in a high-pressure environment
- Excellent problem-solving abilities
- Strong communication and listening skills, a thorough approach to complex problem solving, decision-making ability, and a high motivation towards setting and delivering "excellence"
- Demonstrated ability to be flexible, positive, and creative in a dynamic, fast-paced, and changing environment
- Willingness to acquire in-depth knowledge of network and host security technologies and products (such as endpoint, network, email security) and continuously improve these skills
- Ability to clearly and concisely document and explain technical details (e.g. experience documenting incidents, technical writing, etc.)
- Experience leading SOC teams during cyber monitoring, hunting, and incident response investigations is required
- BS/BA Required
- Ability to obtain and maintain an active TOP SECRET SCI clearance
- US Citizenship
- Up to 20-30% travel
What will help you on the job
- In-depth knowledge of security tools such as SIEM, IDS/IPS, web proxies, DLP, CASB, DNS security, DDoS protection, and firewalls
- Knowledge of host-based security concepts
- Experience with GCP SecOps
- In-depth knowledge of network devices such as firewalls, switches, and routers
- Experience with common security technology stacks and case management for security event triage and analysis and incident response
- Familiarity with analyzing and inspecting log files, network packets, or other security tool information outputs from multiple system types
- Knowledge of basic reverse engineering principles and understanding of malware, rootkits, TCP/UDP packets, or network protocols
- Knowledge of web application security and incident investigations
- Strong knowledge of Information Security, Risk Classification, Incident Management, Security Monitoring, Threat Intelligence and Incident Response functions
- Experience with technical analysis of email headers, links, and attachments to determine if an email is malicious, and then executing the appropriate remediation techniques to protect the environment
- Proactive in identifying improvements and areas where use case tuning would enhance monitoring value
- Required flexibility to work nights, weekends, and/or holiday shifts in the event of an incident response emergency
- Familiarity with MITRE ATT&CK framework and its application in detection and analysis
- Active US Government security clearance (e.g., Secret, Top Secret).
- One or more of the following certifications are recommended: CompTIA Security+; CompTIA Network+; Information Systems Security Professional (CISSP); SANS-GIAC certification (Security Essentials/GCIH, GCFA, GCED, GCIA, GNFA, GPEN, GWAPT); Cisco (CCNA); EC-Council (CEH, LPT)
Salary range
$176,000.00 - $278,500.00 / annually. For specific work locations within San Jose, the San Francisco Bay area and New York City metropolitan area, the base pay range for this role is $219,000.00 - $328,000.00 / annually.
At Viasat, we consider many factors when it comes to compensation, including the scope of the position as well as your background and experience. Base pay may vary depending on job-related knowledge, skills, and experience. Additional cash or stock incentives may be provided as part of the compensation package, in addition to a range of medical, financial, and/or other benefits, dependent on the position offered. Learn more about Viasat's comprehensive benefit offerings that are focused on your holistic health and wellness at https://careers.viasat.com/benefits.
EEO Statement
Viasat is proud to be an equal opportunity employer, seeking to create a welcoming and diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, ancestry, physical or mental disability, medical condition, marital status, genetics, age, or veteran status or any other applicable legally protected status or characteristic. If you would like to request an accommodation on the basis of disability for completing this on-line application, please click here.