Description Job Description:
No two career paths will ever look the same. At Leidos,
we know the most talented and diverse IT and cyber security professionals will always have a multitude of career choices; your time at Leidos will be a wise investment in your career and in yourself. We welcome your perspective and ideas, in order to foster collaboration and deliver world-class solutions. We look for solutions that not only transform businesses, but change the world.
Leidos is looking for a SOC Manager for a large Enterprise Information Technology (IT) services program. The SOC manager will provide senior technical leadership and coordination to an enterprise Security Operations Center (SOC) working in a 24x7 operational environment.
This position requires daily interaction with management, security personnel at customer sites, and government personnel with other federal agencies. Applicant must be a positive, flexible, self-starter requiring minimal direct supervision, and able to excel as a leader in the fast-paced cybersecurity industry. Exceptional management, communication and interpersonal skills are a necessity; including the ability to effectively communicate via written and verbal media. The SOC Manager is responsible for providing technical oversite and managing the scheduling of SOC activities, and advancing the state of analysis with techniques and tools.
This position will assist with building the team, including development, training and mentoring; establishing standards for high quality of deliverables and outputs; tuning and creating processes and procedures for the SOC; and creating a sense of ownership and dedication to mission. Position may include up to 10% travel both locally and nationwide.
Duties and Responsibilities:
- Establish the operational rhythm and standards for the SOC
- Coordinate the scheduling of the 24 x 7 analysts and CIRT teams
- Lead or assign leadership for projects advancing the state of analytic techniques and tools
- Lead and manage 30-50 employees conducting 24 x 7 SOC activities
- Be familiar with the scope of SOC activities, sufficient to be able to provide guidance on the activities to the staff
- Validate continual improvement and technical advances;
- Maintain a forward-leaning ops tempo that includes continual validation and improvement across all SOC functions.
- Maintain situational awareness of escalated events and alerts, tools status, vulnerability status, forensics and malware investigations, intelligence status, and all other SOC functions
- Report on SOC activities and deliver SOC recommendations in accordance with government and contractual requirements Provide customers with remediation recommendations
- Serve as a Subject Matter Expert (SME) within the team for technical expertise
- Develop program of training and coaching sessions for SOC personnel on analytic techniques and tools
- Create, review, and approve new procedural documentation
- Other duties as assigned
- Bachelor's Degree in Computer Science, Information Systems, Information Security or related technical discipline and 12 years of technical experience with a preference of experience in network security monitoring.
- Minimum 5 years of direct staff management experience in delivery of information systems or computer network support services
- Active Advanced cyber security certification(s) in at least one (1) of the following: Certified Information Security Professional (CISSP); CISSP®-ISSMP: Information Systems Security Management Professional
- In-depth understanding of cyber security architectures, technical platforms, threat management standards and industry best practices.
- Subject matter expertise on enterprise information security architecture and ability to apply these to the organization's overall security strategy.
- Knowledge of cyber threats and vulnerabilities as they relate to the cyber security area of expertise.
- Knowledge of specific operational impacts of cyber security lapses as they relate to the cyber security area of expertise.
- Ability to apply an organization's goals and objectives to develop and maintain the team's operations architecture.
- Knowledge of integrating the team's goals and objectives into team's technical and/or functional architecture.
- Strong ability to work well with a diverse staff base.
- Demonstrated experience in making processes more efficient.
- Knowledge of laws, regulations, policies, and ethics as they relate to the cyber security area of expertise.
- Experience working in a heavily regulated and/or audited environment.
- Excellent written, oral and presentation skills, especially in conducting cross-training events for the team other cyber security teams.
External Referral Bonus:
- Ability to evaluate or execute technology and/or tool automation processes.
- Technical (hands-on) experience with Splunk, Malware Analysis, Security Monitoring, Cyber Security Compliance, Cyber Security Risk assessments, and technical procedure documentation
- Knowledge of operations testing and evaluation methods as they relate to the Cyber Security area of expertise.
- Experience managing a technical team in an operational environment (24 x 7 and SOC considered a plus)
- Experience in network and cyber security design, engineering and operations
- Experience with NIST SP 800 series or ISO 27000 series documents for information security management and risk assessment
- Understanding of DevOps/Agile concepts and processes
- Active Department of Energy (DOE) Q Clearance OR Top Secret Security Clearance required
- US Citizenship required
EligiblePotential for Telework:
NoClearance Level Required:
NoScheduled Weekly Hours: