Security Operations Center (SOC) Manager

About The Position

Requirements

• Minimum 5 years of experience in a SOC or cybersecurity operations role
• Preferred certifications: CISSP, GCIA, GCIH, CEH
• Strong understanding of incident response methodologies and threat detection techniques
• Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR tools, and log analysis
• Familiarity with MITRE ATT&CK framework and threat intelligence integration
• Ability to lead and mentor SOC analysts in a fast-paced environment
• Deep technical knowledge of computer networking concepts and protocols, network security methodologies, cyber threats and vulnerabilities, authentication, authorization, and access control methods.
• Knowledge of operational impacts of cybersecurity lapses.
• Experience with cyber defense and vulnerability assessment tools and capabilities with the ability to determine how a security system should work and how changes would impact outcomes.
• Ability to apply cybersecurity and privacy principles to meet organizational requirements
• Ability to effectively communicate and influence meaningful insights regarding the organization’s threat environment in order to improve its risk management posture
• Ability to provide consultation and guidance to team members and management concerning SOC maturity and gaps in capability.
• Makes sound decisions, based on empirical evidence, and in the absence of evidence, able to utilize analytic and diagnostic skills to gather available information from which to make decisions.
• Experience breaking a problem down to manageable pieces and implements effective, timely solutions.
• Is very good at identifying the problem versus the symptom.

Nice To Haves

• Bachelor’s or Master’s degree /certificate in IT, IS, Cybersecurity or other related field.
• Excellent communication and report writing skills
• Experience with vulnerability management and penetration testing tools
• Knowledge of regulatory frameworks such as NIST 800-53, ISO 27001, and SOC 2
• Experience managing an operational team.
• Experience with at least one of the major cloud providers: AWS, or GCP.

Responsibilities

• Oversee daily operations of the Security Operations Center (SOC), ensuring timely detection, analysis, and response to cybersecurity incidents
• Coordinate incident response efforts across teams, managing escalations and ensuring containment, eradication, and recovery procedures are executed effectively
• Develop and maintain SOC playbooks, workflows, wikis and escalation protocols to standardize response efforts and improve operational efficiency
• Monitor threat intelligence feeds and integrate relevant indicators into detection systems to enhance proactive defense capabilities
• Lead the implementation and tuning of security monitoring tools (e.g., SIEM, EDR) to ensure accurate alerting and minimal false positives

Benefits

• Georgetown University offers a comprehensive and competitive benefit package that includes medical, dental, vision, disability and life insurance, retirement savings, tuition assistance, work-life balance benefits, employee discounts and an array of voluntary insurance options.
• You can learn more about benefits and eligibility on the Department of Human Resources website.