Security Operations Center (SOC) Manager

Gunnison Consulting Group, Washington, DC
$160,000 - $175,000, Hybrid


Requirements

  • Bachelor’s degree in Computer Science, Information Technology, or related field
  • Minimum of 7 years of experience in incident response, including at least 2 years providing technical leadership for SOC operations supporting large enterprise environments
  • At least 2 years implementing incident response processes within a federal environment aligned to NIST CSWP 29 (Cybersecurity Framework 2.0) and NIST SP 800-61
  • Minimum of 2 years of experience using Splunk SIEM for alert correlation and analysis
  • At least 3 years of experience performing system-level auditing and cybersecurity analysis across Windows and Linux environments
  • Strong technical writing and reporting capabilities for both technical and executive audiences
  • Certification required: GCIH or GCIA
  • Ability to obtain and maintain a Public Trust clearance

Responsibilities

  • Provide leadership and oversight for 24x7x365 Security Operations Center activities supporting a federal customer
  • Direct all phases of incident response, including triage, investigation, containment, remediation, recovery, and post-incident reviews
  • Ensure adherence to incident response procedures, SOC playbooks, and escalation protocols
  • Oversee alert monitoring and triage operations using approved security platforms and enterprise tools
  • Enforce response timelines and service level agreements for alert handling and escalation
  • Lead coordination and communication during high-severity cybersecurity incidents
  • Supervise SOC analysts, incident responders, and forensic personnel, ensuring appropriate staffing and performance
  • Review and validate incident reports, forensic findings, malware analyses, and post-incident documentation
  • Coordinate with federal customer stakeholders on operational risks, incident status, and threat landscape updates
  • Ensure accurate documentation of incidents, timelines, and communications within authorized systems
  • Track and report on operational metrics such as MTTA, MTTT, containment timelines, and remediation efficiency
  • Conduct regular briefings to provide updates on incidents, trends, risks, and operational performance
  • Maintain awareness of the overall security posture and operational status through development of a common operational picture
  • Support forensic and malware analysis activities, including evidence handling and root cause investigations
  • Ensure compliance with NIST SP 800-53, NIST SP 800-61, NIST CSF, and ITIL v4 practices
  • Lead continuous improvement efforts to enhance SOC processes, workflows, and detection capabilities
  • Support onboarding, transition, and knowledge transfer activities
  • Deliver executive and technical presentations to stakeholders

Benefits

  • 3 weeks of Personal Leave your first year
  • 11 paid Holidays each year
  • 5 days of Flexible Time Off each year
  • 401(k) company match at 50% up to 10% of your salary
  • Medical, Dental and Vision Insurance
  • Life and Disability Insurance
  • Public Transportation Subsidies
  • Certifications and Training Allowance - Up to $5,000/year!