Cybersecurity Operations Lead

Job Description

Company: SAIC

Location: Arlington, US

Job ID 2613483

Location Arlington, VA, US

Date Posted 2026-06-09

Category Cyber

Subcategory Cybersecurity Ops

Schedule Full-Time

Shift Day Job

Travel Yes – 10% of the time

Minimum Clearance Required TS.SCI_wPoly

Clearance Level Must Be Able to Obtain None

Potential for Remote Work ORA_ON_SITE

Description

SAIC is seeking qualified applicants to support a cutting-edge data, analytics, and AI platform. The Cyber Operations Lead is a critical role in the day to day understanding, workflows, and triage of tasking assignments to 10+ cyber teams who are also working with other task areas that handle customer relationships, service portfolio and catalog management, software engineering & development, data/AI engineering, IT systems operations, and use case intake and analytics for DoW enterprise-scale mission objectives expected in Spring/Summer 2026.

Positions are contingent pending contract award. 

The work will be performed in Alexandria, Northern Virginia. Some work may be performed remotely, subject to Government approval. 

Job Responsibilities

• Maintain enterprise-wide operational awareness of cyber tasking across 10+ teams by actively monitoring and managing ServiceNow queues, ensuring ticket accuracy, status integrity, and SLA adherence.
• Serve as the central triage and prioritization authority for incoming cyber work, aligning assignments with mission priorities, team capacity, and operational urgency.
• Provide direct operational reporting to the CISO and government customer, delivering timely status updates, risk identification, and actionable insights on cyber tasking and performance.
• Lead daily operational synchronization efforts, including tracking deliverables, identifying bottlenecks, and escalating issues impacting mission execution.
• Act as a primary coordination point between cyber teams, program leadership, and a 450+ staff environment, ensuring consistent communication and alignment across stakeholders.
• Influence and optimize ServiceNow workflows and ticketing practices to align with evolving cyber operational processes and executive priorities.
• Oversee knowledge management practices, including development and maintenance of SOPs, process documentation, and operational playbooks.
• Track and analyze operational metrics (e.g., ticket throughput, aging, SLA compliance), providing data-driven recommendations to improve efficiency and service delivery.

Qualifications

• Bachelors & 14+ years of related experience, Masters & 12+ years of experience, or PhD or JD & 9+ years of experience
• Active TS/SCI CI Poly Clearance is required.

Desired Knowledge, Skills, Abilities, And Competencies

• Advanced proficiency as a ServiceNow power user, including queue management, reporting, dashboarding, and workflow utilization (limited administrative access preferred).
• Strong understanding of cyber operations functions such as incident response, vulnerability management, and enterprise security operations.
• Demonstrated ability to operate at an SME/lead level with direct exposure to executive leadership (e.g., CISO), including clear and concise reporting of operational status and risks.
• Proven ability to maintain situational awareness and coordinate across multiple teams in a high-tempo, mission-driven environment.
• Familiarity with DoD cybersecurity environments, including exposure to RMF, impact levels (IL2–IL6), and data protection practices.
• Relevant DoD 8140 (or 8570 equivalent) certification required; ITIL Foundation or higher preferred.

Source: LinkedIn