General Dynamics Information Technology · 4 hours ago
Monitoring & Event Management Team Lead (SIEM‑capable)
General Dynamics Information Technology is a global technology and professional services company that delivers consulting, technology and mission services. As the Monitoring & Event Management Team Lead, you will lead the team responsible for 24x7 monitoring and incident management, ensuring the continuous availability of critical services and infrastructure.
Artificial Intelligence (AI), Cloud Computing, Consulting, Cyber Security, Information Technology
Responsibilities
Lead MEM staffing, shift schedules, handoffs, and Duty Officer readiness to ensure uninterrupted 24x7x365 EWCC operations
Manage event detection, validation, correlation, automated ticket generation into ITSM, and lead incident bridge calls for P1/P2 incidents
Drive improvements in monitoring efficacy, reduce false positives, and ensure timely P1 outage notifications and status updates per SLAs
Utilize enterprise monitoring tools, CMDB/ITSM integrations, synthetic transaction scripts, automation, ServiceNow Operations Modules, and SIEM‑style event/log correlation to deliver reliable MEM services
Operational Leadership — Lead MEM team activities to provide continuous EWCC coverage, ensure staffing coverage, and maintain Duty Officer readiness for P1/P2 incidents
Incident and Event Management — Oversee event detection, validation, correlation, automated ticket generation, and lead incident bridge calls; ensure P1 outage notifications and updates meet contractual timelines
ServiceNow Operations & SIEM Integration — Configure, tune, and operate ServiceNow Operations Modules to ingest events, correlate alerts, populate incidents, maintain CMDB accuracy, and automate remediation and escalation workflows; implement SIEM‑style log aggregation and correlation where required and coordinate escalations to SOC/security teams for security‑relevant events
Tooling and Configuration — Configure and maintain monitoring tools, dashboards, synthetic transactions, polling/trap logic, alert thresholds, and automated escalation workflows
CMDB and ITSM Integration — Maintain full integration between MEM, CMS/CMDB, and ITSMS so incidents include CI attributes, relationships, and correct severity assignments
Standards and Tuning — Develop, publish, and refine monitoring standards and templates; conduct quarterly reviews with FDIC to tune monitors and reduce noise
Performance and Capacity — Oversee availability, utilization, and performance monitoring for Data Center, Cloud, Network, and Unified Communications CIs; support capacity planning and trend analysis
Reporting and Continuous Improvement — Produce MEM reports and dashboards; recommend and implement improvements to increase monitoring efficacy and reduce false positives
Documentation and Audit Support — Validate knowledge base articles, SOPs, runbooks, and provide audit support and remediation for MEM tools
Vendor Coordination — Coordinate with vendors and third‑party providers for troubleshooting, patching, and tool rationalization
Access and Escalation — Provide FDIC direct access to engineering resources and ensure timely escalation to resolver groups
Qualification
Required
5+ years of related experience
US Citizenship Required: Yes
Minimum 5 years of Monitoring & Event Management experience
At least 3 years in an IT outsourcing environment managing contractor personnel and operational delivery for 24x7 services
ITIL 4 Foundation (required)
High School Diploma, College Preferred
Strong knowledge of ICMP, SNMPv3, SSH, WMI, NetFlow and encrypted management protocols
Hands‑on experience with availability, utilization, performance, synthetic transaction, composite transaction, and log file monitoring
Experience integrating monitoring with CMDB/CMS and ITSM platforms and automating incident population and severity assignment
Proficiency in ServiceNow Operations Modules, including Event Management, ITOM/Discovery, Service Mapping, Incident Management, CMDB operations, and Orchestration
Experience with log aggregation, event normalization, correlation rule development, and SIEM‑style analytics (e.g., Splunk, QRadar, Microsoft Sentinel, or equivalent) or demonstrated ability to implement equivalent capabilities within MEM tooling
Proficiency in scripting and automation for synthetic transactions and automated remediation (PowerShell, Python, or similar)
Familiarity with database monitoring, middleware metrics (JVM, connection pools), and cloud monitoring for IaaS/PaaS/SaaS
Proven experience and proficiency with the following enterprise tools or direct equivalents: Intune; CrowdStrike; Defender; Endpoint Privilege Management; Fleet RMM; Netaphor SiteAudit; HP Web Jet Admin; Kofax Autostore; Token Vault; Wise Admin Studio; PSTools; Graph; YubiKey Manager; vSec:CMS Admin
Proven leadership and team management in high‑pressure, 24x7 environments
Clear, concise communicator for technical and non‑technical stakeholders; experienced running incident bridge calls and delivering outage updates
Strong analytical skills for root cause analysis, trend interpretation, and parametric application analysis
Deep understanding of ITIL processes (Incident, Problem, Change, Event, Capacity) and experience enforcing SLAs and operational metrics
Customer focus and ability to coordinate with vendors and third‑party providers
Preferred
Experience with Digital Experience Monitoring (DEX) and application performance monitoring (APM)
Experience with low‑code automation platforms and vendor support relationships for troubleshooting and EOL remediation
Benefits
Comprehensive benefits and wellness packages
401K with company match
Paid time off
Variety of medical plan options, some with Health Savings Accounts
Dental plan options
Vision plan
Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
Short and long-term disability benefits
Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance
Company
General Dynamics Information Technology
General Dynamics Information Technology is an IT consulting company that specializes in cyber security, AI, and quantum computing. It is a sub-organization of General Dynamics.
Funding
Current Stage
Late Stage
Company data provided by crunchbase