Defensive Cyber Operations Lead

Requirements:

• Active Top Secret SCI clearance with CI Poly.
• Bachelor's degree in Cybersecurity, Information Systems, or related field with 8+ years of relevant experience
• 3+ in a leadership or technical lead role.
• Understanding of network protocols (e.g., TCP/IP, DNS, DHCP) and network management platforms such as Zenoss, Cisco Catalyst Center, ISE, ASA, and Firepower.
• Demonstrated knowledge and practical experience supporting the transition to Zero Trust Architecture, including identity, network, and device trust models.
• Familiarity with Zero Trust pillars: identity, device, network/environment, application workload, and data.
• Proven experience with cybersecurity monitoring and incident response operations in large enterprise or government environments.
• Hands-on experience with SIEM tools (e.g., Splunk, Elastic), EDR (e.g., CrowdStrike), and cloud-native security controls (AWS, Azure).
• Strong understanding of RMF, NIST SP 800-53, STIGs, and FedRAMP compliance requirements.
• Industry certifications such as CISSP, CEH, GCIH, GCIA, or equivalent.

Desired:

• Experience supporting MSP environments and multi-tenant architectures.
• Familiarity with Zero Trust security frameworks and implementations.
• Scripting or automation experience (e.g., Python, PowerShell).
• Cloud certifications (AWS Security Specialty, Azure Security Engineer Associate).

Certain states and localities require employers to post a reasonable estimate of salary range. A reasonable estimate of the current base pay range for this position is $175,000 to $210,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that is not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
• Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email taposting@wwt.com.

#LI-MP1

#Li-Onsite

Qualifications

Why Wwt?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution and integration capabilities.

With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation and creating a great place to work for all.

Want to work with highly motivated individuals on high-performance teams? Join WWT today!

Why should you join the Public Sector team?

Wwt.Com/Public-Sector

Our team provides cleared resources with a global reach to federal civilian, Department of Defense (DoD), and intelligence community markets. We excel at delivering innovative, operationally ready, and cost-effective IT solutions that accelerate the interoperability and resiliency of mission-critical systems.
Want to work with highly motivated individuals that come together to form high-performance teams? Come join WWT today! We are looking for a Defensive Cyber Operations Lead to support our Managed Service Provider (MSP) contract within the Public Sector.

What will you be doing?

As the Defensive Cyber Operations (DCO) Lead, you will lead cybersecurity operations for a classified, enterprise-scale Managed Service Provider (MSP) contract delivering network access, desktop services, and cloud capabilities. You will oversee cyber threat detection, incident response, and continuous cyber defense improvements across complex hybrid environments.

You will also play a pivotal role in advancing the customer’s strategic adoption of Zero Trust Architecture (ZTA) by aligning defensive cyber operations with key ZTA tenets—continuous validation, identity-aware access, micro-segmentation, and least privilege enforcement. Your leadership will directly contribute to the design, implementation, and maturity of ZTA-aligned defensive capabilities. 

Responsibilities:

• Lead a multi-partner DCO team consisting of cyber security engineers and analysts responsible for monitoring, threat detection, incident response, and cyber threat intelligence integration.
• Align DCO capabilities with Zero Trust Architecture principles, including identity-centric access control, segmentation, and continuous verification strategies.
• Integrate network management platforms, such as Zenoss, Cisco Catalyst Center, ISE, and Firepower, into the defensive cyber posture to enhance cyber visibility and support ZTA.
• Collaborate with architecture and engineering teams to implement ZTA-aligned monitoring, policy enforcement, and data protection controls.
• Develop, maintain, and enhance SIEM, IDS/IPS, EDR, and vulnerability management platforms to detect and respond to security threats in real time.
• Analyze logs, traffic, and telemetry to detect abnormal behavior and indicators of compromise (IOCs).
• Coordinate and lead incident response activities including triage, containment, forensics, eradication, and recovery.
• Implement and document proactive defense strategies aligned with NIST 800-53, RMF, and other relevant frameworks.
• Work with Network, Cloud, and Desktop teams to harden the IT environment and integrate security into all layers of service delivery.
• Develop defensive playbooks and standard operating procedures.
• Brief leadership and customers on emerging threats, incident postmortems, and operational metrics.
• Provide mentorship to junior analysts and ensure knowledge transfer across the DCO team.