We’re looking for a dynamic and confident team member. In this role, you will:
Manage SOC watch floor activities.
Produce and review reports from SOC analysts.
Conduct and lead incident response activities of the 24/7 watch floor, as necessary.
Develop and manage the watch floor staff schedules.
Oversee the quality of work performed by the SOC analysts.
Own SOPs, playbooks, and tools guides used by the SOC analysts and ensure compliance.
Support the customer and team in all aspects and responsibilities of the SOC watch floor, including:
Support of complex network exploitation and defense techniques.
Support incident response and remediation activities.
Target mapping and profiling.
Network decoy and deception operations.
Forensic services and analysis.
Stay updated on current open source and proprietary COTS security tools.
Research emerging threats and threat sources, and develop threat profiles and associated risk management.
The lead will work a normal business hour schedule, but may be called in after-hours to support the analysis and handling of significant events.
Active TOP SECRET Security Clearance with the ability to obtain a TS/SCI.
10 years of experience supporting cybersecurity operations.
Thorough understanding of cybersecurity operations workflows and Cyber Kill Chain framework.
Strong analytical and organizational skills.
Excellent customer service skills.
Strong writing skills.
Experience with securing various environments.
Experience and education in one or more of CEH, eCPPT, OSCP, GCFW, GCIH, IHRP, etc.
Experience and education in one or more vendor certification programs such as Splunk Certified Architect, Sourcefire Certified Administrator, Security+, Network+, GSEC, Tenable Certified Nessus Auditor, ArcSight Certified Systems Analyst, SnortCP, CISSP, CISM, or ISO 27001.
Confidence to believe in yourself.
All your information will be kept confidential according to EEO guidelines.