SOC Lead

Join Peraton in advancing the safety, efficiency, and modernization of the National Airspace System (NAS) through the FAA’s Brand New Air Traffic Control System (BNATCS) contract. As a trusted partner to the Federal Aviation Administration, Peraton helps deliver the systems and services that keep our nation’s skies safe and connected. We’re looking for innovative professionals who thrive in mission-critical environments and are passionate about shaping the future of air traffic management. This is your chance to make an impact on one of the world’s most vital transportation infrastructures, working alongside leaders in aviation, engineering, data science, and systems integration. At Peraton, you won’t just support the mission — you’ll define it. Join a team dedicated to protecting the safety and integrity of U.S. air travel. Peraton is seeking an experienced SOC Lead to lead and mature cybersecurity monitoring, detection, and incident response operations supporting programs aligned to the Federal Aviation Administration (FAA). This role is responsible for the strategic and operational management of the SOC, including workforce leadership, tool governance, incident response oversight, and continuous improvement of detection and response capabilities across the National Airspace System (NAS). The ideal candidate brings deep SOC leadership experience, strong knowledge of federal cybersecurity frameworks, and a proven ability to manage teams, processes, and technologies in a highly regulated, high-availability environment. In this position, you will: Lead and manage SOC operations, including staffing models, shift coverage, and on-call rotations. Oversee incident response lifecycle (triage, containment, eradication, recovery) and serve as executive escalation authority. Supervise, mentor, and develop SOC Leads and Analysts; establish performance goals and training plans. Govern and optimize security monitoring tools (SIEM, EDR, IDS/IPS, SOAR, vulnerability scanners). Establish and maintain SOC policies, SOPs, runbooks, and playbooks aligned with federal standards. Drive threat intelligence integration, detection engineering, and threat hunting programs. Ensure accurate incident documentation, metrics, and reporting to leadership and FAA stakeholders. Coordinate with network, cloud, application, and engineering teams to remediate vulnerabilities and systemic risks. Manage vendor relationships, contracts, and tool roadmaps for SOC capabilities. Lead tabletop exercises, incident simulations, audits, and after-action reviews. Track and report KPIs/SLAs, trends, and continuous improvement initiatives. Support change management, tool onboarding, and security architecture enhancements. Ability to brief executive leadership and translate technical risk into business impact. Manage budgets, staffing plans, and operational metrics. Why This Role Matters The FAA’s mission to safely operate and modernize the NAS depends on uninterrupted, resilient cybersecurity operations. As SOC Lead, you ensure threats are detected early, incidents are managed effectively, and security operations scale to meet evolving risks. Your leadership directly safeguards mission-critical systems, supports operational continuity, and strengthens the FAA’s enterprise cyber defense posture.