COMET CSSP Risk Manager

Break Point Labs is seeking a COMET CSSP Risk Manager to assist leadership in defining Cyber Service Area requirements, identifying process improvement projects, and providing support in Defensive Cyber Operations (DCO) monitoring and incident response functions. COMET personnel assist leadership with a range of responsibilities related to cybersecurity operations, including operational oversight, prioritization, and decision‑making. They oversee technical cyber monitoring and incident response during their local daytime shift, provide updates to leadership
and other stakeholders, and drive continuous improvement by defining new methodologies for operational scalability through proactive research, evaluation, and implementation of novel tools, capabilities, and processes. COMET personnel monitor resources and advocate for the operational needs of the organization, performing continuous learning and acting as Subject Matter Experts (SMEs) for various cybersecurity skillsets. They may provide surge support during high‑criticality cyber incidents as directed by leadership.

The successful candidate will have a strong understanding of cybersecurity operations and experience managing and overseeing technical cyber monitoring and incident response. They will possess excellent communication and problem‑solving kills and the ability to work collaboratively with cross‑functional teams.

• Assist leadership in defining Cyber Service Area requirements for Defensive Cyber Operations (DCO).
• Oversee and validate network intrusion detection, monitoring, and correlation analysis, incident response, and digital forensics as needed.
• Provide operational updates to leadership and communicate significant incidents or outages.
• Identify process improvement opportunities to enhance cyber operations efficiency.
• Advocate for operational needs and resource allocation across teams.
• Direct, coach, and mentor analysts during both normal operations and cybersecurity events.
• Lead development of documentation, training materials, and process improvements.
• Provide technical direction to contractors and teams to steer incident response plans and recovery actions.
• Participate in operational meetings to identify issues and propose improvement projects.
• Up to 20% travel, as required.

• Experience presenting to senior leadership (GS-15/O5+).
• Experience using Security Information and Event Management (SIEM) tools such as Splunk, Elastic, and Microsoft Sentinel.
• Experience in managing and overseeing technical cyber monitoring and incident response.
• Must demonstrate IT‑related experience that includes the following competencies:
  – Attention to Detail:
  Performs work thoroughly and conscientiously.
  – Customer Service:
  Assesses needs, provides assistance, resolves problems, and ensures quality service.
  – Oral Communication:
  Effectively conveys information to technical and non‑technical audiences.
  – Problem Solving:
  Identifies issues, evaluates information accuracy, and recommends sound solutions.

IAM or IAT and ISASAE Level I

Secret

Master’s Degree Area(s) of Study Master’s degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent