Security Operations Center Manager

We are searching for a Security Operations Center (SOC) Manager to provide leadership, direction, and hands-on management for delivery of mission enabling cybersecurity services of critical national security importance.

The Security Operations Center (SOC) Manager will support operations for the National Nuclear Security Administration (NNSA) Office of the Chief Information Officer (OCIO). The successful candidate will provide senior technical leadership and coordination to an enterprise Security Operations Center (SOC) working in a 24x7 operational environment. This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies. Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry. Exceptional management, communication and interpersonal skills are a necessity; including the ability to effectively communicate via written and verbal media. The SOC Manager is responsible for providing technical oversite and managing the scheduling of SOC activities and advancing the state of analysis with techniques and tools.

Required Qualifications:

• US Citizenship
• Active DOE Q or TS/SCI clearance
• DoD 8570 IAM Level III certification
• Bachelor’s degree in a cyber related discipline and 8 or more years of prior relevant work experience within IT/Cybersecurity
• Minimum of 5 years of direct staff management experience in delivery of information systems or computer network support services
• 4+ years of experience working in a SOC environment
• Managed 24x7x365 Security Operations Center while establishing operational rhythm and standards
• Establish and maintain a forward-leaning operational tempo that includes continual validation and improvement across all SOC functions
• Experience working with SIEM/SOAR technologies
• Knowledgeable with EDR technologies
• Experience reporting on SOC activities and deliver SOC recommendations in accordance with government and contractual requirements
• Develop processes, procedures, and SOPs for operational capabilities
• Knowledge of cyber threats and vulnerabilities as they relate to the cyber security area of expertise
• Knowledge of specific operational impacts of cyber security lapses as they relate to the cyber security area of expertise
• In-depth understanding of cyber security architectures, technical platforms, threat management standards and industry best practices
• Technical (hands-on) experience with Splunk, Malware Analysis, Security Monitoring, Cyber Security Compliance, Cyber Security Risk assessments, and technical procedure documentation

Preferred Qualifications:

• CISSP Certification or ability to obtain within 6 months of start
• DOE and/or NNSA site experience strongly preferred
• Knowledge and familiarity with the fundamental of agile project management
• Knowledge of DOE and/or NNSA security policies and procedures
• Experience working in both Classified and Unclassified operations
• Knowledge of and/or experience with SD 205.1

Prescreen Questionnaire (Please come prepared to the interview with these questions in mind)

Security Operations Center Manager

• What is a SIEM tool that you have used in the past? What did you like or dislike about it?
• Which forensic tools have you used in the past?
• Have you ever written any internal processes or enterprise level processes? Please provide a few examples.
• What metrics do you use to measure success?
• Please provide an example of a process improvement you have identified.
• What are some valuable logs in an environment and how can they be used to detect threats or attacks?

Benefits

• 
  This is a full time position that offers a competitive benefits package

rgUBto2nry