Security Operation Center Lead

Overview

On Site
USD72 - USD76
Contract - W2

Job Details

job summary:

Randstad Digital is currently looking for a Security Operation Center (SOC) Lead for a client engagement in Orlando, FL. This role would be on-site and candidates must have experience leading U.S. DoD SOCs across multiple time zones.




location: Orlando, Florida

job type: Contract

salary: $72 - 76 per hour

work hours: 8am to 5pm

education: Bachelors



responsibilities:

This role will be responsible for leading U.S. DoD SOCs across multiple time zones. Experience with software/tools: Assured Compliance Assessment Solution (ACAS), Splunk, Endpoint Security Solution (ESS), Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS, SRGs, STIGs, DISA STIG Viewer, SCC/SCAP, and Evaluate STIG.




qualifications:

- Brings hands-on experience in cybersecurity operations (including protection, detection, response, and sustainment)


- Possesses extensive technical expertise in current cybersecurity technologies and emerging innovations.


- Demonstrates comprehensive knowledge of the lifecycle of cybersecurity threats with development of associated tactics, techniques, and procedures (TTPs).


- Knowledge in planning, directing, and managing Security Operations Center (SOC) operations in an organization in a large, complex environment.


- Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.


Responsibilities


- Support the implementation of cybersecurity requirements identified in DoDI 8510, 8140, and AR 25-2 based upon the Risk Management Framework (RMF), including the production of documentation and associated artifacts.


- Ensure all sites execute monthly continuous monitoring and compliance testing to validate the current configurations against the documented security configuration baseline, and report compliance.


- Ensure the SOC provides 24-hour-a-day monitoring for training rotations and exercises for remote sites.


- Ensure that the SOC verifies all assets have a representative security configuration baseline documented in a Defense Information Systems Agency (DISA) STIG checklist and Plan of Action and Milestones (POA&M) form.


- Direct patching and IA Vulnerability Alert (IAVA) for supported baselines


- Standardize analysis and correlation of audit records using the Security Incident & Event Management (SIEM) tools across different repositories, to include backups.


- Enforce enterprise monitoring and control of communications at the external boundary for all sites and at key internal boundaries within the sites.


- Enforce enterprise monitoring and controls for unauthorized software, including mobile code, through the continuous monitoring process.


- Enforce updates of all enterprise endpoint security software on an appropriate schedule within the operational schedule.


- Ensure communication between remote sites with local cybersecurity governance personnel in accordance with the Incident Response Plan and security documentation.


- Ensure all sites are performing functional and security testing in support of Assessment and Authorization (A&A) activities.


- Ensure all sites configure and enable security features


- Enterprise Account management / IAM


- Support the annual FISMA requirement for all sites, providing auditors with actual and historical data from the SOC.




skills:


- 4+ years of supervising and/or managing teams


- 5+ years of Incident handling experience


- Experience working with DoD / U.S. Army / Federal Government


- Experience with software/tools: Assured Compliance Assessment Solution (ACAS), Splunk, Endpoint Security Solution (ESS), Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS, SRGs, STIGs, DISA STIG Viewer, SCC/SCAP, Evaluate STIG


- Experience as a Cyber Engineer


Desired Certification:


CISSP or higher w/ CSSP Incident Responder certifications


Education Requirements:


Bachelor's degree in Cybersecurity and Information Assurance; Advanced degree(s) preferred.


Experience Requirements


Bachelor's degree + 8 years of relevant experience, Master's degree + 5 years of relevant experience






Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact

Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.