Clark Construction Group is looking for a strategic and experienced Cybersecurity Manager to join our growing cybersecurity team. This role is a critical component of our cybersecurity posture, responsible for executing our comprehensive approach to threat detection, incident response, and vulnerability management.

Reporting to the Director of Information Security, the Cybersecurity Manager will be responsible for leading advanced incident response efforts, and ensuring the efficient operation and tuning of our security technology stack. You will be a key leader in protecting our corporate and project-based digital assets.

This is an onsite role in our McLean, VA office.

• Incident Management & Leadership: Serve as a key technical lead and senior escalation point for major security incidents. This role involves leading and coordinating the technical response effort, ensuring proper communication and adherence to established protocols, and providing critical support to the Director during high-severity events.
• Deep Dive Investigation: Oversee and personally conduct complex, multi-stage security incident investigations, performing in-depth analysis of forensic artifacts, security logs, and network telemetry to determine scope, impact, and root cause.
• Reporting & Communication: Ensure comprehensive documentation of all incidents. Prepare and present high-level, executive-ready reports on major security incidents, providing clear context, lessons learned, and recommended preventative actions to management and stakeholders.
• Threat Hunting: Manage and drive the threat hunting activity, defining objectives, developing advanced hypotheses, and leading the team in proactively searching for signs of compromise, new attack techniques, and adversarial tactics.
• Vulnerability Remediation Oversight: Spearhead scanning, prioritizing remediation efforts based on risk severity (e.g., CVSS, exploitability), and collaborating directly with IT and system owners to ensure timely patching and risk mitigation.
• Security Tool Optimization: Continuously tune and refine security tools, such as our SIEM (Security Information and Event Management) system, IDS/IPS (Intrusion Detection/Prevention Systems), and EDR (Endpoint Detection and Response) platforms, to reduce false positives and enhance detection capabilities.
• Security Architecture Input: Provide expert technical input and recommendations for enhancing the overall security architecture based on threat intelligence, incident trends, and vulnerability data.
• Mentorship & Coaching: Mentor and coach junior and mid-level security analysts, fostering their technical skills in areas like forensics, log analysis, and threat intelligence.

Basic Qualifications

• 8-10+ years of progressive experience in a hands-on cybersecurity role (SOC, Incident Response, or Threat Management)

• Proven ability to lead major security incident responses under pressure and manage communication across technical and non-technical audiences

• Deep technical proficiency in log analysis, threat hunting methodologies, and digital forensics principles

• Expert-level knowledge of networking protocols (TCP/IP), operating systems (Windows, Linux), and network/host-based security technologies

• Demonstrated experience managing and optimizing a SIEM platform (e.g., Splunk, Microsoft Sentinel) and EDR solutions.

• Exceptional written and verbal communication skills, including the ability to present complex technical findings to executive leadership

• Alignment to Clark Standards of Excellence: Self-Motivated, Results Oriented, Adaptable, Team Player, Accountable, Ethical, Innovative, Resilient, Builds Relationships, Builds People / Teams & Followership, Sets Direction & Executes

Preferred Qualifications

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field

• Relevant professional certifications such as CISSP, SANS GIAC (GCIH, GCFA, GNFA), or CEH

• Experience with cloud security principles and platforms (AWS, Azure, or GCP) and securing hybrid environments

• Direct experience with automation and orchestration technologies to streamline SecOps workflows

• Familiarity with industry security frameworks (e.g., NIST CSF, ISO 27001) and security compliance requirements

The work environment and requirements described below are representative of those necessary for an employee to successfully perform the essential functions of this role.

The Physical Side of the Role: Given that a good portion of your day will be spent at a desk, you should be comfortable with prolonged periods of focused work, whether it's collaborating with colleagues, analyzing data, or developing strategies. The role demands effective communication and sharp visual acuity for reviewing complex documents and performing detailed computer work. While there are times for quiet concentration, you'll also be expected to move actively throughout the office and travel occasionally to various locations, including dynamic construction sites, utilizing different modes of transportation. The ability to lift and move objects up to 10 pounds regularly, and up to 25 pounds on occasion (think a box of files or small office equipment), is also required.

Your Work Environment: Your primary workspace will be in our professional office, which has a typical, quiet-to-moderate noise and light levels. As part of your work, you may also be required to visit active construction sites. These environments are naturally more dynamic and can include exposure to outdoor weather conditions, louder noise, and moving equipment. Your safety is our top priority, and you'll be expected to follow Clark Construction's safety policies and procedures, and all applicable laws, at all locations.

Our High-Performing Culture: This is a demanding, high-performance environment. We are looking for candidates who are energized by challenge, thrive under pressure, and are prepared to do what it takes to achieve exceptional results. Success in this role requires significant commitment, including flexibility to work extended hours, especially during critical project phases or client deadlines. Beyond regular working hours, there will be occasions where business needs require your attention, particularly for time-sensitive matters or emergencies. You are expected to monitor and respond to communications (phone calls, emails, text messages) as required to address these situations effectively. Your ability to manage these expectations and be responsive when critical issues arise is key to your success in this role and our collective success as a team.

A Drug Free Workplace: Clark promotes a drug free workplace. A pre-employment drug “fitness for duty” screening is required, and the company conducts random quarterly drug “fitness for duty” tests.