Security Operations Center Lead

Description

Job Description:

Leidos is looking for a Security Operations Center (SOC) Lead to support a large opportunity for Leidos supporting operations for Integrated Information & Cyber Security Services including Enterprise Operations, End User Support, Software Engineering, Cloud technologies and Cyber Security. The SOC manager will provide senior technical leadership and coordination to an enterprise Security Operations Center (SOC) working in a 24x7 operational environment.

Primary Responsibilities
This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies. Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry. Exceptional management, communication and interpersonal skills are a necessity; including the ability to effectively communicate via written and verbal media. The SOC Manager is responsible for providing technical oversite and managing the scheduling of SOC activities and advancing the state of analysis with techniques and tools.
This position will assist with building the team, including development, training and mentoring; establishing standards for high quality of deliverables and outputs; tuning and creating processes and procedures for the SOC; and creating a sense of ownership and dedication to mission. Position may include up to 10% travel both locally and nationwide.

Responsible for the following tasks:
• Establish the operational rhythm and standards for the SOC
• Coordinate the scheduling of the 24 x 7 analysts and CIRT teams
• Lead or assign leadership for projects advancing the state of analytic techniques and tools
• Lead and manage 20-30 employees conducting 24 x 7 SOC activities
• Validate continual improvement and technical advances.
• Maintain a forward-leaning ops tempo that includes continual validation and improvement across all SOC functions.
• Maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions
• Experience reporting on SOC activities and deliver SOC recommendations in accordance with government and contractual requirements Provide customers with remediation recommendations
• Serve as a Subject Matter Expert (SME) within the team for technical expertise
• Develop program of training and coaching sessions for SOC personnel on analytic techniques and tools
• Create, review, and approve new procedural documentation

Basic Qualifications
• Active TOP SECRET SCI clearance and/or U.S. Department of Energy Q clearance
• Experience with the scope of leading SOC activities, sufficient to be able to provide guidance on the activities to the staff
• Experience reporting on SOC activities and deliver SOC recommendations in accordance with government and contractual requirements Provide customers with remediation recommendations
• Bachelor's Degree in Computer Science, Information Systems, Information Security or related technical discipline and 10 years of technical experience with a preference of experience in network security monitoring.
• Minimum 5 years of direct staff management experience in delivery of information systems or computer network support services
• IAT Level III Certified
• CSSP Certified (Active Advanced cyber security certification(s) in at least one (1) of the following: Certified Information Security Professional (CISSP); CISSP®-ISSMP: Information Systems Security Management Professional)
• In-depth understanding of cyber security architectures, technical platforms, threat management standards and industry best practices.
• Subject matter expertise on enterprise information security architecture and ability to apply these to the organization's overall security strategy.
• Knowledge of cyber threats and vulnerabilities as they relate to the cyber security area of expertise.
• Knowledge of specific operational impacts of cyber security lapses as they relate to the cyber security area of expertise.
• Ability to apply an organization's goals and objectives to develop and maintain the team’s operations architecture.
• Knowledge of integrating the team’s goals and objectives into team’s technical and/or functional architecture.
• Strong ability to work well with a diverse staff base.
• Demonstrated experience in making processes more efficient.
• Knowledge of laws, regulations, policies, and ethics as they relate to the cyber security area of expertise.
• Experience working in a heavily regulated and/or audited environment.
• Excellent written, oral and presentation skills, especially in conducting cross-training events for the team other cyber security teams.

Preferred Qualifications
• Ability to evaluate or execute technology and/or tool automation processes.
• Technical (hands-on) experience with Splunk, Malware Analysis, Security Monitoring, Cyber Security Compliance, Cyber Security Risk assessments, and technical procedure documentation
• Knowledge of operations testing and evaluation methods as they relate to the Cyber Security area of expertise.
• Experience managing a technical team in an operational environment (24 x 7 and SOC considered a plus)
• Experience in network and cyber security design, engineering and operations
• Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment
• Understanding of DevOps/Agile concepts and processes

Pay Range: