SOC Manager

Requisition #: 1458

Job Title: SOC Manager

Job Title for Careers Page: SOC Manager

Location: Reston, VA

Clearance Level: TS (SCI Eligible)

Required Certification(s): CISSP

SUMMARY

Agile Defense is currently seeking a highly technical, hands-on Cybersecurity Operations Center (CSOC) with advanced skillsets in cyber security, to develop and operate cyber security capabilities for a variety of federal customers. Candidates should have excellent written and oral communication skills, be able to work independently and as part of a team, with demonstrated leadership capabilities. Skills and experience in Cyber Operations, Security Event Analysis, Incident Response, Cyber Hunt, Forensics, Malware Analysis, and Cyber Threat Intelligence (skills in more than one cyber discipline are preferred) are required for this position. The ideal candidate will have hands-on experience supporting a 24x7x365 CSOC environment as an analyst or engineer, experience as a technical team lead within the SOC, and operations management experience. A solid understanding of cyber threats and information security in the domains of TTP’s, Threat Actors, Campaigns, and Observables. Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. The SOC Manager is also tasked with developing and maturing SOC strategies, processes, and technologies, preparing executive-level reports on performance and threat trends, and collaborating with cross-functional teams to align security initiatives with business objectives, with a paramount focus on maintaining the integrity and confidentiality of organizational assets.

Corporate duties such as solution/proposal development, corporate culture development, mentoring employees, supporting recruiting efforts, will also be required. Position is contingent on successfully completing a program-based background investigation.

JOB DUTIES AND RESPONSIBILITIES

Key responsibilities include providing operational oversight for all SOC activities, managing the entire incident response lifecycle as a senior escalation point, and leading the team through mentorship and professional development, all while strictly adhering to government and agency-specific policies and procedures. The SOC Manager is also tasked with developing and maturing SOC strategies, processes, and technologies, preparing executive-level reports on performance and threat trends, and collaborating with cross-functional teams to align security initiatives with business objectives, with a paramount focus on maintaining the integrity and confidentiality of organizational assets.

The SOC manager to provide cyber defense capabilities to federal entities provide comprehensive Computer Network Defense support through security event monitoring, advanced analytics, cyber hunt, response and digital forensics, vulnerability assessment, and cyber intelligence activities in support of the SOC operational mission.

· Maintain a 24x7x365 schedule and minimum-manning requirements.

· Construct and optimize operational workflows for 24x7 teams across multiple shifts.

· Develop, collect, analyze security operational metrics to optimize CSOC performance and minimize organizational risk.

· Serve as a technical Cyber SME, onsite task lead, and primary point of contact for customer.

· Lead efforts Planning, organization, scheduling and progress reporting of various projects.

· Develop technical cyber security solutions in response to customer requests or in support of proposal solution development.

· Support new Agile Defense engagements as transitional program or operations lead.

· Support documentation of all business and workflow processes in this area.

· Provides technical consultation in cyber security capability development.

· Acts as a subject-matter expert to multiple tasks and/or programs.

· Provide technical writing support in support of corporate response to RFPs/RFQs from various customers

QUALIFICATIONS

Candidates will have a minimum of 5 years of direct operational and program management experience in delivery of Cybersecurity program or related projects. Candidates will have a minimum of seven (7) years of professional experience with a solid understanding of incident response, insider threat investigations, digital forensics, and cyber threats.

Candidates for this role possess minimum of 5-7 years of cybersecurity experience, with at least 5 years in a SOC leadership capacity. In-depth technical expertise in areas such as SIEM, EDR, and incident response methodologies is essential, coupled with a thorough understanding of network architectures and security controls.

Education, Background, and Years of Experience

Bachelor’s degree in computer science, engineering, STEM or cybersecurity

ADDITIONAL SKILLS & QUALIFICATIONS

Required Skills

The ability to create insider threat focused dashboards, reports and workflow diagrams. Experience collecting data, chain of custody and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data. Experience with mentoring junior members in an open collaborative environment.

Preferred Skills or Certifications

One of the following GCFA, GREM, GCIH, OSCP, GPEN, GFCE or equivalent preferred.

WORKING CONDITIONS

Environmental Conditions

Hybrid role in Reston, VA

Strength Demands

Physical Requirements