Oversee enterprise-wide monitoring and logging across network infrastructure and endpoints to ensure rapid detection of and response to cyber incidents
Maintain and evolve IR SOPs in strict accordance with CJCSM B, NIST SP 800-61R2, and DOW regulations to ensure procedural alignment with industry best practices
Translate technical findings into regular status reports for program leadership, DOW officials, and USCYBERCOM/DCDC repositories, detailing incident impact, effectiveness of response strategies, and lessons learned
Drive the evolution of incident response capabilities by identifying weaknesses, recommending advanced technologies, and implementing enhanced processes to stay ahead of evolving cyber threats
Support DOW CIO data collection by reviewing PPSM, CAP, SNAP, and GIAP requests against DISA guidelines; cross-train team members on emerging defense techniques and provide after-hours investi...