SOC Manager

About The Position

Requirements

• Bachelor's degree (or an additional 4 years of related experience)
• At least one advanced cybersecurity certification is required (e.g., CISSP, CISM, CEH, GIAC/SANS, etc)
• Minimum five (5) years of SOC experience in a Tier 3, Shift Lead, SOC Lead, or similar role including:
• Advanced knowledge and experience providing technical leadership during major incidents (i.e., in an "incident commander" role)
• Advanced technical understanding of current and emerging cybersecurity tools and technologies
• Technical understanding of the full cyber threat/attack lifestyle, including attack vectors, methods, and TTPs
• Understanding of and experience with intelligence-driven defense
• Mature understanding of industry SOC standards and best practices (e.g., OMB, NIST, US-CERT, etc.)
• Strong leadership, written and verbal communication, customer service, and analytical and problem-solving skills are required
• Ability to provide steady leadership in a high-pressure environment with changing priorities.
• Top Secret Clearance, SCI Eligibility required

Nice To Haves

• Active Program Management certification OR ability to obtain one within 90 days of hire.

Responsibilities

• Serve as the foremost technical authority and point of escalation regarding monitoring, detection, analysis, and incident response
• Be the primary technical leader and change agent for the planning and execution of continual improvement initiatives including but not limited to: knowledge management, documentation, automation, tuning, lessons learned, QA/QC, and metrics
• Ensure a full library of Plans, SOPs, and playbooks exists for all SOC functions
• Create and implement a training plan to ensure all Analysts on your team have superior levels of knowledge and experience to triage and investigate all types of alerts
• Maintain constant awareness of the security posture of the organization versus internal and external threats, notifying stakeholders of changes, trends, and immediate threats or vulnerabilities; make recommendations to more effectively monitor, defend, and continuously improve the security posture of the organization
• Define, document, execute, measure, monitor, and improve SOC processes, paying special attention to integration points with other internal and external teams
• Write and publish after-action reviews; ensure lessons learned result in action items that are resolved and closed in a timely manner
• Build and implement a robust Cyber Threat Hunting program
• Correlate and contextualize Cyber Threat Intelligence; identify actionable indicators of compromise; disseminate and make recommendations to senior leadership regarding courses of action
• Plan and execute test exercises; recommend modifications or adjustments based on results
• Author, brief, and submit daily, weekly, and monthly status reports and other deliverables as required
• Remain abreast of current and emerging cybersecurity tools and technologies
• Other duties as assigned

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave