SOC Team Lead

About The Position

Requirements

• Over 8 or more years of experience in a relevant IT engineering mission area.
• Ensure personnel are compliant with DoDI 8140.02 Identification, Tracking, and Reporting of Cyberspace Workforce
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• 8+ years of experience in SOC operations, cybersecurity incident response, or threat analysis.
• Hands-on experience with SIEM platforms and log analysis.
• Experience conducting forensic investigations in enterprise environments.
• Strong understanding of:
• Alert Triage and SOC Operations
• Incident Response methodologies
• Threat Intelligence and OSINT
• TTPs and IOCs
• Defense-in-Depth (DiD) strategies
• Experience supporting DoD or federal cybersecurity environments preferred.
• Clearance: Secret Clearance required

Nice To Haves

• Experience supporting DoD or federal cybersecurity environments preferred.

Responsibilities

• Assist the Watch Officer of the SOC team and cybersecurity professionals within customer environment
• Respond to various security incidents to protect the customer's digital assets from cyberattacks.
• Be responsible for overseeing the team, ensuring everyone is trained, motivated and effectively working together.
• Provide technical knowledge and analysis of security incident responses.
• Assist with performing forensic analysis of devices involved in incidents and forensic reporting.
• Assist with investigating potential intrusions and security events to contain and mitigate incidents.
• Assist with researching cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance.
• Assist with analyzing network traffic and identify attack/malicious activity.
• Assist with documenting incident response activities and lessons learned.
• Assist with effectively communicating incident response activities.
• Assist with providing monitoring and response capabilities.
• Assist with regularly updating and optimizing queries and alerting rules.
• Assist with maintaining the confidentiality and integrity of the data within SIEM.
• Assist with providing timely and accurate reports to management and the government.
• Validate suspicious events by performing investigations using SIEM, leverage tools available to the SOC, threat intelligence and OSINT, TTPs and IOCs.
• Leverage knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall success.
• Produce high-quality written and verbal communications, recommendations, and findings to management and the government in a timely manner.
• Provide timely escalation of events to either the watch officer or government.
• Other services and support as needed or directed by the government

Benefits

• Health/Dental/Vision
• 401(k) match
• Paid Time Off
• STD/LTD/Life Insurance
• Referral Bonuses
• professional development reimbursement
• parental leave