Microsoft Security Operations (SOC) Chief

About the Organization

Now is a great time to join Redhorse Corporation. We are a solution-driven company delivering data insights and technology solutions to customers with missions critical to U.S. national interests. We're looking for thoughtful, skilled professionals who thrive as trusted partners building technology-agnostic solutions and want to apply their talents supporting customers with difficult and important mission sets.

About the Role

Redhorse is seeking a highly skilled and experienced Security Operations Center (SOC) Chief to support our critical mission at the Federal Communications Commission (FCC). This is an on-site position leading the SOC operations and incident response activities, ensuring the continuous protection of the FCC's vital infrastructure and data. You will play a pivotal role in maintaining the FCC's cybersecurity posture, mitigating risks, and responding effectively to cyber threats. This position directly impacts the security and integrity of the FCC's communications networks and operations. Your expertise will be instrumental in ensuring compliance with NIST and FCC regulations, safeguarding sensitive information, and maintaining operational resilience.

Key Responsibilities

• Lead SOC operations and incident response activities, serving as the SOC manager and IR commander.
• Oversee 24/7/365 monitoring of all FCC security channels (GSA's MTIPS, TIC, and PEP systems).
• Conduct Information Security GAP Analysis reviews.
• Direct cybersecurity operations and incident response teams.
• Coordinate with the Department of Commerce Enterprise SOC.
• Ensure compliance with NIST 800-61 guidelines and FCC reporting standards.
• Manage incident response processes and procedures.
• Lead insider threat hunting and vulnerability assessment activities.
• Oversee cyber threat intelligence operations.
• Coordinate incident assessment and response support activities.
• Investigate alerts and triage incidents, analyze root causes, and respond to minimize damage.
• Author custom detection content, tune SIEM and IDS/IPS events, and maintain SIEM content.
• Maintain a Cyber Defense Playbook and SOC Communication Plan.

Required Experience/Clearance

• with a Top Secret US government clearance. Applicants who are not s and who do not have a current and active Top Secret security clearance will not be considered for this role.
• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• 7+ years of experience in SOC operations and incident response, including SOC management and IR commander role.
• Core competencies in leading Information Security GAP Analysis reviews, cybersecurity operations, and incident response.
• Knowledge, skills, tasks, and capabilities described in NICE Work Roles for Incident Response (PD-WRL-003), Insider Threat Analysis (PD-WRL-005), and Threat Analysis (PD-WRL-006).
• Required Certification: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
• Required Certification: GIAC Incident Response Certification or GIAC Security Operations Manager (GSOM).
• Required Certification: Microsoft Certified Security Operations Analyst Associate.
• Must be available 24/7/365 for critical incidents.

Desired Experience

• Experience with specific security information and event management (SIEM) platforms.
• Experience with a variety of security tools beyond SIEM (e.g., endpoint detection and response, threat intelligence platforms).
• Advanced knowledge of scripting languages (e.g., Python, PowerShell) for automation and analysis.
• Experience working within a federal government environment.
• Familiarity with cloud security architectures and security controls.

Equal Opportunity Employer/Veterans/Disabled

Accommodations:

If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to access job openings or apply for a job on this site as a result of your disability. You can request reasonable accommodations by contacting Talent Acquisition at

Redhorse Corporation shall, in its discretion, modify or adjust the position to meet Redhorse's changing needs.

This job description is not a contract and may be adjusted as deemed appropriate in Redhorse's sole discretion.