SOC Project Manager

Overview

On Site
Depends on Experience
Full Time

Skills

SOC
incident response
PMP
CISSP

Job Details

Valiant Solutions is seeking a SOC Project Manager in the Washington DC Metro area to join our rapidly growing and innovative cybersecurity team!

Do you have a background leading SOC and Incident Response teams, along with maturing the tools and processes that support SOCs? If so, this could be the perfect role for you! As the Security Operations Center (SOC) Project Manager, you and the team will be responsible for staffing a 24x7x365 coordination center, responding to alerts, notifications, and communications, and providing incident response activities. The candidate will be responsible for supporting and leading a team of SOC analysts, threat hunters, threat intelligence specialists, and forensics SMEs. This is a hands-on leadership role in which you will both lead the team and participate as a subject-matter expert. The successful candidate will have a technical background and prior experience successfully leading large SOC teams. This is a great opportunity to join our growing company in a role that involves leading SOC/IR operations and advancing the capabilities and processes that support them.

Named one of the in the Washington DC area for 11 consecutive years, Valiant is proud of our employee-centric culture and commitment to excellence. If you are interested in learning more about Valiant and this opportunity, we invite you to apply now!
This position is expected to report onsite, but may allow for remote work. Remote work requires a high level of trust in our employees, and we strictly adhere to the details found below in our Remote Work Policy.

Required Experience:

  • Project Management Professional (PMP), in good standing
  • Certified Information Systems Security Professional (CISSP), in good standing
  • Active Top Secret clearance with SCI eligibility (or able to obtain)
  • 10 years of experience leading 24x7x365 SOCs, including at least five years managing hybrid environments that span both on-premises and cloud infrastructure
  • 10 years of hands-on cybersecurity incident response experience within large-scale environments supporting 50,000 or more endpoints
  • At least five (5) years managing a federal vulnerability management program
  • Experience across all five functions of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, and Recover)
  • Demonstrated ability to influence others to adopt practices and approaches, and the ability to communicate with and influence executive leadership
  • Demonstrated ability to evaluate events (through a triage process) and identify the appropriate prioritization for response
  • Experience and ability to use and follow Standard Operating Procedures (SOPs)
  • In-depth experience processing and triaging security alerts from multiple sources, including but not limited to: endpoint security tools, SIEM, email security solutions, CISA, and threat intelligence sources
  • Demonstrated experience with triage and resolution of SOC tasks, including but not limited to: vulnerability announcements, phishing email review, Tier 1 IR support, and SIEM/security tool alert analysis
  • Demonstrated experience with and understanding of event timeline analysis and correlation of events between log sources
Responsibilities:

  • Manage the 24/7/365 SOC, as well as the Vulnerability Management, Threat Intel, Forensics, and Threat Hunt personnel and objectives
  • Lead, assign, and deploy staff to achieve the SOC objectives identified by the Government
  • Maintain, manage, and revise the SOC personnel shift schedules
  • Provide technical guidance to the SOC team
  • Produce and review aggregated performance metrics
  • Manage and increase the effectiveness and efficiency of the SOC through improvements to each function, as well as coordination and communication between support and business functions
  • Think critically and creatively while analyzing security events, network traffic, and logs to engineer new detection methods
  • Work directly with IT Security and SOC leadership and cyber threat intelligence analysts to convert intelligence into effective detections
  • Create and brief customer reports.
  • Participate in on-call rotation for after-hours security and/or engineering issues.
  • Perform customer security assessments
  • Develop and run tabletop exercises
  • Collaborate with the incident response team to rapidly build detection rules as needed.
  • Perform lessons learned activities.
  • Mentor and provide training to SOC analysts and run brown bag training sessions
  • Support 24x7x365 SOC operations, including but not limited to: alert review, analysis, triage, response, and action on IOCs and other operationally impactful information, as well as initial review and triage of reported incidents
  • Perform analysis across all security tools, uncovering attack vectors involving a variety of malware, data exposure, phishing, and social engineering methods
  • Monitor security events received through alerts from the SIEM or other security tools
  • Review and report on anomalous patterns (hunting) across all security tools and the SIEM
  • Log security incidents in the IT ticketing system
  • Manage security incidents throughout their lifecycle to closure
  • Support ad-hoc data and investigation requests
  • Participate in the remediation of incidents and responses generated from live threats against the enterprise
  • Quickly develop an understanding of customer and SOC operations requirements and policies
  • Ensure reports are properly entered into the incident tracking system
  • Triage events and investigate to identify security incidents
  • Support incident response and handling (detection, analysis, triage)
  • Support and develop reports during and after SOC monitoring or incidents, documenting all actions taken to properly mitigate, recover, and return to normal operations
  • Perform IDS monitoring and analysis, analyze network traffic and logs, and prioritize and differentiate between potential intrusion attempts and false alarms
  • Understand general cyber-attack stages, profiling techniques, and techniques for detecting host- and network-based intrusions
  • Compose security alert notifications

Employers have access to artificial intelligence language tools ("AI") that help generate and enhance job descriptions, and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.