SOC Manager

 

We are looking for a seasone SOC Manager. This qualified individual will manage and provide guidance to the SOC team, maintain SOC personnel shift schedules, and manage and increase the effectiveness and efficiency of the SOC. In addition, you will lead the development of incident response plans and SOPs, creation of customer reports, and management of the identification, triage, and response of security events.

 

What You'll Do:

 

• The Cybersecurity SOC Manager will ensure projects and enhancements meet all requirements to ensure the projects are completed within schedule, cost, and performance
• Monitor each project providing timely project assessment, per the security requirements
• Participate in routine and periodic status meetings with key customer personnel, at times on short notice, to convey current status and risks are presented
• Provide Project management support following industry standards, frameworks, methodologies to perform a variety of project management functions such as; project management plans, work breakdown structure/schedules,risk mitigation plans and project timelines.
• Ensure Service Level Agreements (SLAs), of projects progress, risks, issues, and proposed resolutions
• Perform review and validation of all deliverables for SOC, IR, Threat Intelligence, Threat Hunting and other customer assigned activities
• Develop policies, instruction, standards, and procedures around security operation functions
• Provide Metrics and Artifacts supporting audit activities
• Provide oversight, direction, scheduling and monitoring of on-site staff within the SOC
• Ensure the watch floor is properly staffed 24x7x365 and that shifts remain staffed when personnel are on leave, sick, or on official travel.
• Brief executives about current issues, events, and pertinent information.
• SOC Lead will ensure they lead a daily client facing call on all daily Security activities, issues, actions
• Analyze incident reporting and follow up with reporting sites to ensure a complete picture of the incident is available.
• Ensure timely and accurate reporting to US-CERT, Agency OIG, and Agency Auditors
• Keep federal leadership appraised of any incidents that could receive additional attention from leadership.
• Responsible for team management, personnel scheduling, overall use of resources and initiation of corrective action where required for Security Operations Center.
• Management, administration & maintenance of security devices within scope
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
• Provide oversight of use and implementation (shall be a power user) of SOC tools such as: SIEM (Splunk or Arcsight),McAfee ePO, Threat Protection tools, PaloAlto, Redseal, EnCase, Webinspect, Wireshark, Tenable and ForeScout, Infoblox and AWS GovCloud native tools

 

Required Qualifications:

 

• 10 years of experience, may have supervisory or lead experience
• 5+ years’ experience as a SOC lead, managing a team of analysts, Information Security / Cybersecurity
• 4+ years experience as a project manager
• Experience working with AWS Cloud environments
• Knowledge of cyber threat and/or intelligence analysis
• Knowledge of cyber vulnerability management practices
• CISSP certification is required 
• Excellent communication skills, both written and oral, to communicate with department executives
• Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools and forensic analysis tools
• Solid understanding of cyber security and be able to analyze incident reporting and follow up with reporting sites
• Strong knowledge of incident management, problem management and change management best practices
• Understand and improve/revise escalation procedures
• Expertise with industry standard frameworks (NIST, FISMA, FedRAMP)
• Must be US Citizen
• Must be able to obtain and maintain the required agency clearance

Desired Qualifications:

 

• Strong time management skills and the ability to be self-directed
• Ability to evaluate, troubleshoot, and follow-up on customer issues as well as replicate and document for further escalation
• Ability to effectively prioritize and execute multiple tasks in a high-pressure environment including during disaster recovery/crisis situations
• Bachelors Degree is a plus
• PMP Certification

 

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.

$104,000 - $166,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.