Company Name: General Dynamics IT
Location: Herndon, VA
Position Type: Full Time
Post Date: 05/19/2026
Expire Date: 06/18/2026
Job Categories: Engineering, Information Technology

Remediation and Mitigation Lead, Top Secret
The Remediation and Mitigation (R&M) Lead oversees teams that plan, manage, and execute remediation actions across affected organizations, delivering actionable, technically grounded guidance that accelerates incident recovery and strengthens long-term resilience for federal, state, local, tribal, territorial (SLTT), and critical infrastructure stakeholders. The role directs the full remediation lifecycle, from incident-specific plan development through completion, ensuring cohesive communication, accurate reporting, and mission-aligned knowledge capture that enhances national cybersecurity resilience. In collaboration with internal and external stakeholders, the R&M Lead ensures high-quality tools, guides, and countermeasures are produced from real-world engagements and lessons learned, advancing consistent, risk-reducing remediation across the ecosystem.

Key Responsibilities

Remediation Coordination Leadership
- Oversee teams that serve as the central coordination function for planning, managing, and executing incident remediation across networks, endpoints, and security controls.
- Ensure teams provide timely, accurate reporting of incident response actions to leadership and stakeholders.
- Oversee teams that deliver complete operational metrics, statistics, and analytic insights.
- Ensure responsible, secure, mission-aligned information sharing and high-quality content contributions to engagement reports, defensive measures, and threat-informed prevention materials.
- Lead knowledge capture from real-world incidents, enforcing R&M and Threat Hunt (TH) guidance and feeding insights into processes and knowledge bases to enhance national remediation capability.
- Oversee teams preparing regular and ad hoc briefings to mission teams, leadership, and stakeholders to maintain situational awareness and coordinated operational response.

Countermeasures Analysis Oversight
- Direct teams that evaluate threat actor activity and stakeholder environments to recommend optimal containment and eradication actions, reducing risk of re-compromise and regaining control of compromised assets.
- Ensure actionable technical guidance is provided across networks, endpoints, and security controls.
- Oversee creation of high-quality reports documenting findings, mitigation strategies, and technical insights.
- Maintain adherence to established R&M and TH knowledge-management procedures.

Countermeasures Research & Tool Sustainment
- Oversee researchers who test, validate, and document countermeasures to keep CISA's mitigation guidance ahead of adversary actions, adding insights from past engagements into catalogs and documentation.
- Ensure the countermeasures database remains accurate, relevant, and complete by integrating cyber threat intelligence (CTI) and all-source reporting on adversary techniques, tactics and procedures (TTPs) and updating content to reflect current threat landscapes.
- Enforce secure, mission-aligned information sharing and contribute expert input to defensive measures, threat-informed prevention content, and other publications.

Deception Operations (DecOps) Support
- Oversee DecOps teams operationalizing the MITRE Engage framework to conduct deception activities as needed during cyber incidents, providing overwatch during containment and eradication.
- Ensure accurate operational metrics and statistical reporting that strengthen performance oversight, situational awareness, and leadership decision-making.
- Maintain secure, accurate information sharing with stakeholders to support coordinated response and remediation.

Operational Governance, Reporting & Knowledge Management
- Oversee responsible information sharing practices and contribute high-quality, mission-aligned content to reports, tools, and prevention materials.
- Ensure teams consistently capture lessons learned and maintain organizational knowledge quality in accordance with R&M and TH guidance.
- Coordinate additional mission-aligned duties assigned by leadership to maintain continuity, effectiveness, and agility of operational and analytical functions.

Required Qualifications
- Experience leading remediation and incident response activities for large-scale federal or critical-infrastructure cybersecurity programs.
- Demonstrated ability to oversee cross-functional teams that deliver containment, eradication, and recovery actions across complex enterprise environments.
- Strong knowledge of adversary TTPs, defensive controls, and remediation planning; familiarity with knowledge-management practices and operational reporting.
- Excellent communication skills with experience briefing leadership and stakeholder organizations.
- Ability to establish performance metrics and drive outcome-focused improvements across mission workflows.
- Ability to integrate AI/ML into remediation workflows to accelerate detection, containment, and recovery while improving consistency and mission effectiveness.
- Demonstrated experience adding AI-driven threat intelligence tools (such as automated correlation engines, predictive analytics, or machine-learning-enabled TTP modeling) to support incident prioritization and threat-informed remediation planning.
- Proven success leveraging AI-supported automation frameworks, including SOAR platforms and machine-assisted playbooks, to streamline remediation actions and reduce operator workload across complex environments.
- 10 years of overall cybersecurity experience with 5 years of management of cybersecurity teams

Preferred Qualifications
- Experience supporting CISA, DHS, or national-level cyber missions.
- Familiarity with countermeasure development, deception frameworks (e.g., MITRE Engage), and remediation tooling (e.g., playbooks, mitigation catalogs).
- Relevant certifications (e.g., CISSP, GCIH, GICSP, GRID, GCFA) and experience integrating CTI into remediation guidance.
- Experience sustaining mission applications and content repositories used for remediation and prevention.
- AI/ML integration in national cyber missions, including applying machine-learning models to enhance remediation planning, situational awareness, and mission execution at scale.
- Experience deploying AI-driven threat intelligence tools that automate indicator enrichment, adversary behavior prediction, and threat-informed remediation recommendations.
- Demonstrated ability to operationalize AI-supported automation frameworks, such as SOAR platforms, AI-assisted playbooks, and machine-learning-based workflow engines

GDIT IS YOUR PLACE
- 401K: With company match.
- Health & Wellness: Comprehensive health and wellness packages.
- Career Growth: Internal mobility team dedicated to helping you own your career.
- Professional Development: Growth opportunities including paid education and certifications.
- Innovative Tech: Access to cutting-edge technology to stay ahead of the mission.
- Work-Life Balance: Rest and recharge with paid vacation and holidays.

Website: https://www.gdit.com/careers/job/1e7bff88e/remediation-and-mitigation-lead-top-secret/?source=AutoAppend_HBCU