NextGen Command Center Lead, Top Secret

Responsibilities for this Position

Location: USA VA Herndon
Full Part/Time: Full time
Job Req: RQ220004

Type of Requisition:
Regular

Clearance Level Must Currently Possess:
Top Secret

Clearance Level Must Be Able to Obtain:
Top Secret

Public Trust/Other Required:
None

Job Family:
Cyber and IT Risk Management

Job Qualifications:

Skills:
Command & Control, Incident Response Operations, Large Team Management, Operational Command
Certifications:
None
Experience:
10 + years of related experience
US Citizenship Required:
Yes

Job Description:

The NextGen Command Center Lead is responsible for overseeing the operational delivery, performance, and readiness of the NextGen Command Center mission area under an upcoming government contract. This position leads teams delivering 24x7x365 cyber incident response, situational awareness, threat monitoring, operational reporting, and coordinated defensive action in support of national cyber resilience. The NextGen Command Center Lead ensures watch-floor operations, incident lifecycle management, intelligence integration, and command-center activities meet the requirements outlined by CISA and directly supports national cyber defense objectives. In this role, the successful candidate is accountable for ensuring continuous operational effectiveness, adherence to SOPs, rapid surge capability, and synchronized cross-functional coordination with other mission areas such as Threat Hunt, CTI, and Vulnerability Management.

Key Responsibilities

Operations Leadership & Command Center Execution

• Oversee teams responsible for operating a modernized, always-on incident response and cyber command center supporting 24x7x365 national cyber defense
• Ensure teams execute standardized watch-floor operations, including shift turnover, reporting cycles, operational summaries, and leadership updates to maintain synchronized situational awareness
• Oversee teams maintaining staffing, training, certification, and surge readiness necessary to support incident management, crisis action teams, and cross-functional coordination
• Ensure the Cyber Command Center environment is fully functional, compliant, and capable of providing real-time visibility, decision support, and operational coordination.

Incident Response Delivery & Lifecycle Management

• Oversee teams managing the full lifecycle of reported incidents across Critical Infrastructure, SLTT, and Federal Civilian Executive Branch partners, ensuring rapid triage, coordinated response, and timely escalation pathways
• Ensure teams deliver coordinated, rapid incident response actions that reduce risk, minimize impact, and improve recovery timelines
• Oversee teams providing victim notification, customer support, and unified communication throughout the incident lifecycle, ensuring a consistent, high-quality point of service
• Ensure accurate incident scoring in line with the National Cyber Incident Scoring System (NCISS)

Threat Monitoring, Hunt Coordination & Defensive Action

• Oversee persistent monitoring teams scanning intelligence, media, law enforcement, and global events to identify emerging threats impacting national critical functions
• Ensure teams integrate classified and unclassified intelligence into operations, request classification downgrades when appropriate, and incorporate insights into response workflows
• Oversee targeted hunt engagement support, ensuring robust analysis, documented findings, and actionable reports that strengthen national defenses
• Ensure mitigation strategies and defensive recommendations address capability gaps and strengthen enterprise, OT, and ICS environments

Cross-Agency Coordination & National Defense Integration

• Oversee teams coordinating response actions with federal agencies, SLTT partners, private sector entities, industry associations, and ISACs to support unified national cyber defense operations
• Ensure NextGen Command Center workflows are integrated with the broader national defense planning functions.
• Oversee outreach activities, community briefings, and threat-update engagements.

Communications, Intelligence Integration & Reporting

• Oversee preparation of alerts, advisories, leadership notices, and operational communications enabling data-driven decision-making during normal and crisis operations
• Ensure teams deliver rapid-turn operational briefings, slide decks, and incident communications.
• Maintain quality, accuracy, and timeliness of all reporting, ensuring consistent escalation paths and shared operational insights.

Operational Governance, SOP Management & Performance Metrics

• Oversee teams developing, updating, and maintaining SOPs, CONOPS-aligned processes, work instructions, and operational tools to ensure operational excellence
• Ensure mission-readiness metrics, operational performance indicators, and incident impact assessments are tracked, evaluated, and used to inform continuous improvement
• Oversee technical and operational risk identification and mitigation strategies.

Surge Support & Crisis Response Readiness

• Ensure teams maintain surge-ready technical expertise capable of deploying rapidly to support hunt missions, incident response engagements, or elevated operational tempo events
• Oversee crisis action team coordination, ensuring readiness to provide rapid response capabilities during high-impact national or global cyber events.

Required Qualifications

• Experience operating or managing large-scale 24x7 cybersecurity operations centers (SOC, fusion center, watch floor, or incident command center).
• Strong understanding of incident response lifecycles, threat intelligence integration, command-center operations, and crisis management.
• Experience leading technical and operational teams in high-tempo, mission-critical environments.
• Knowledge of federal cyber operations, including CI, SLTT, and FCEB mission contexts.
• Ability to manage performance metrics, operational workflows, and mission-readiness requirements.
• 10 years of overall cybersecurity experience with 5 years of management of cybersecurity teams

Preferred Qualifications

• Experience supporting CISA, DHS, DoD, or national-level cyber operations centers.
• Familiarity with ICS/OT environments and national critical functions.
• Certifications such as CISSP, GCIH, GCIA, GCTI, GICSP or similar.
• Experience supporting national cyber campaigns, crisis surge operations, or interagency coordination.

GDIT IS YOUR PLACE

• 401K : With company match.
• Health & Wellness : Comprehensive health and wellness packages.
• Career Growth : Internal mobility team dedicated to helping you own your career.
• Professional Development : Growth opportunities including paid education and certifications.
• Innovative Tech : Access to cutting-edge technology to stay ahead of the mission.
• Work-Life Balance : Rest and recharge with paid vacation and holidays.

The likely salary range for this position is $170,000 - $230,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:
40

Travel Required:
Less than 10%

Telecommuting Options:
Hybrid

Work Location:
USA VA Herndon

Additional Work Locations:

Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at
gdit.com/tc .

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

PI284633480

The NextGen Command Center Lead is responsible for overseeing the operational delivery, performance, and readiness of the NextGen Command Center mission area under an upcoming government contract. This position leads teams delivering 24x7x365 cyber incident response, situational awareness, threat monitoring, operational reporting, and coordinated defensive action in support of national cyber resilience. The NextGen Command Center Lead ensures watch-floor operations, incident lifecycle management, intelligence integration, and command-center activities meet the requirements outlined by CISA and directly supports national cyber defense objectives. In this role, the successful candidate is accountable for ensuring continuous operational effectiveness, adherence to SOPs, rapid surge capability, and synchronized cross-functional coordination with other mission areas such as Threat Hunt, CTI, and Vulnerability Management.



Key Responsibilities



Operations Leadership & Command Center Execution

• Oversee teams responsible for operating a modernized, always-on incident response and cyber command center supporting 24x7x365 national cyber defense
• Ensure teams execute standardized watch-floor operations, including shift turnover, reporting cycles, operational summaries, and leadership updates to maintain synchronized situational awareness
• Oversee teams maintaining staffing, training, certification, and surge readiness necessary to support incident management, crisis action teams, and cross-functional coordination
• Ensure the Cyber Command Center environment is fully functional, compliant, and capable of providing real-time visibility, decision support, and operational coordination.

Incident Response Delivery & Lifecycle Management

• Oversee teams managing the full lifecycle of reported incidents across Critical Infrastructure, SLTT, and Federal Civilian Executive Branch partners, ensuring rapid triage, coordinated response, and timely escalation pathways
• Ensure teams deliver coordinated, rapid incident response actions that reduce risk, minimize impact, and improve recovery timelines
• Oversee teams providing victim notification, customer support, and unified communication throughout the incident lifecycle, ensuring a consistent, high-quality point of service
• Ensure accurate incident scoring in line with the National Cyber Incident Scoring System (NCISS)

Threat Monitoring, Hunt Coordination & Defensive Action

• Oversee persistent monitoring teams scanning intelligence, media, law enforcement, and global events to identify emerging threats impacting national critical functions
• Ensure teams integrate classified and unclassified intelligence into operations, request classification downgrades when appropriate, and incorporate insights into response workflows
• Oversee targeted hunt engagement support, ensuring robust analysis, documented findings, and actionable reports that strengthen national defenses
• Ensure mitigation strategies and defensive recommendations address capability gaps and strengthen enterprise, OT, and ICS environments

Cross-Agency Coordination & National Defense Integration

• Oversee teams coordinating response actions with federal agencies, SLTT partners, private sector entities, industry associations, and ISACs to support unified national cyber defense operations
• Ensure NextGen Command Center workflows are integrated with the broader national defense planning functions.
• Oversee outreach activities, community briefings, and threat-update engagements.

Communications, Intelligence Integration & Reporting

• Oversee preparation of alerts, advisories, leadership notices, and operational communications enabling data-driven decision-making during normal and crisis operations
• Ensure teams deliver rapid-turn operational briefings, slide decks, and incident communications.
• Maintain quality, accuracy, and timeliness of all reporting, ensuring consistent escalation paths and shared operational insights.

Operational Governance, SOP Management & Performance Metrics

• Oversee teams developing, updating, and maintaining SOPs, CONOPS-aligned processes, work instructions, and operational tools to ensure operational excellence
• Ensure mission-readiness metrics, operational performance indicators, and incident impact assessments are tracked, evaluated, and used to inform continuous improvement
• Oversee technical and operational risk identification and mitigation strategies.

Surge Support & Crisis Response Readiness

• Ensure teams maintain surge-ready technical expertise capable of deploying rapidly to support hunt missions, incident response engagements, or elevated operational tempo events
• Oversee crisis action team coordination, ensuring readiness to provide rapid response capabilities during high-impact national or global cyber events.

Required Qualifications

• Experience operating or managing large-scale 24x7 cybersecurity operations centers (SOC, fusion center, watch floor, or incident command center).
• Strong understanding of incident response lifecycles, threat intelligence integration, command-center operations, and crisis management.
• Experience leading technical and operational teams in high-tempo, mission-critical environments.
• Knowledge of federal cyber operations, including CI, SLTT, and FCEB mission contexts.
• Ability to manage performance metrics, operational workflows, and mission-readiness requirements.
• 10 years of overall cybersecurity experience with 5 years of management of cybersecurity teams

Preferred Qualifications

• Experience supporting CISA, DHS, DoD, or national-level cyber operations centers.
• Familiarity with ICS/OT environments and national critical functions.
• Certifications such as CISSP, GCIH, GCIA, GCTI, GICSP or similar.
• Experience supporting national cyber campaigns, crisis surge operations, or interagency coordination.

GDIT IS YOUR PLACE

• 401K : With company match.
• Health & Wellness : Comprehensive health and wellness packages.
• Career Growth : Internal mobility team dedicated to helping you own your career.
• Professional Development : Growth opportunities including paid education and certifications.
• Innovative Tech : Access to cutting-edge technology to stay ahead of the mission.
• Work-Life Balance : Rest and recharge with paid vacation and holidays.

The likely salary range for this position is $170,000 - $230,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.



Scheduled Weekly Hours:
40



Travel Required:
Less than 10%



Telecommuting Options:
Hybrid



Work Location:
USA VA Herndon



Additional Work Locations:



Total Rewards at GDIT:
Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.


We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.


Join our Talent Community to stay up to date on our career opportunities and events at

gdit.com/tc .


Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans

PI284633480