Cybersecurity Operations Lead

Job Description

Company: SAIC

Location: Arlington, US

Description

SAIC is seeking qualified applicants to support a cutting-edge data, analytics, and AI platform. The Cyber Operations Lead is a critical role in the day to day understanding, workflows, and triage of tasking assignments to 10+ cyber teams who are also working with other task areas that handle customer relationships, service portfolio and catalog management, software engineering & development, data/AI engineering, IT systems operations, and use case intake and analytics for DoW enterprise-scale mission objectives expected in Spring/Summer 2026.
Positions are contingent pending contract award. 

The work will be performed in Alexandria, Northern Virginia. Some work may be performed remotely, subject to Government approval. 

Job Responsibilities:

• Maintain enterprise-wide operational awareness of cyber tasking across 10+ teams by actively monitoring and managing ServiceNow queues, ensuring ticket accuracy, status integrity, and SLA adherence.

• Serve as the central triage and prioritization authority for incoming cyber work, aligning assignments with mission priorities, team capacity, and operational urgency.

• Provide direct operational reporting to the CISO and government customer, delivering timely status updates, risk identification, and actionable insights on cyber tasking and performance.

• Lead daily operational synchronization efforts, including tracking deliverables, identifying bottlenecks, and escalating issues impacting mission execution.

• Act as a primary coordination point between cyber teams, program leadership, and a 450+ staff environment, ensuring consistent communication and alignment across stakeholders.

• Influence and optimize ServiceNow workflows and ticketing practices to align with evolving cyber operational processes and executive priorities.

• Oversee knowledge management practices, including development and maintenance of SOPs, process documentation, and operational playbooks.

• Track and analyze operational metrics (e.g., ticket throughput, aging, SLA compliance), providing data-driven recommendations to improve efficiency and service delivery.

Qualifications

• Bachelors & 14+ years of related experience, Masters & 12+ years of experience, or PhD or JD & 9+ years of experience

• Active TS/SCI CI Poly Clearance is required.

Desired Knowledge, Skills, Abilities, and Competencies:

• Advanced proficiency as a ServiceNow power user, including queue management, reporting, dashboarding, and workflow utilization (limited administrative access preferred).

• Strong understanding of cyber operations functions such as incident response, vulnerability management, and enterprise security operations.

• Demonstrated ability to operate at an SME/lead level with direct exposure to executive leadership (e.g., CISO), including clear and concise reporting of operational status and risks.

• Proven ability to maintain situational awareness and coordinate across multiple teams in a high-tempo, mission-driven environment.

• Familiarity with DoD cybersecurity environments, including exposure to RMF, impact levels (IL2–IL6), and data protection practices.

• Relevant DoD 8140 (or 8570 equivalent) certification required; ITIL Foundation or higher preferred.

Source: SAIC Careers