SOC Manager
Company: ECS Federal, LLC
Location: Fairfax Station
Posted on: May 28, 2023
Job Description:
ECS is seeking a SOC Manager to work in our Fairfax, VA office.
As a leading managed cybersecurity services provider, ECS delivers a highly tailored and customized offering to each customer. Our mission is broad, and our team is agile. We will leverage your unique skills to help solve customers' challenges, such as engineering a system to address a technical hurdle, protecting customer data, or consulting on a wide range of security topics. You are empowered to engage and lead across multiple groups and must have the self-sufficiency and focus to work well with minimal oversight. Our SOC Managers are the senior technical experts assigned to the Security Operations Center (SOC). They help lead our 24x7x365 SOC by providing technical oversight and direction to junior analysts. They support the commercial cybersecurity program during core business hours and are required to serve as the on-call CTA lead on a rotational basis.

Responsibilities:
Manage a staff of junior- and mid-level cyber threat analysts, hire and train new staff, conduct performance reviews, and provide leadership and coaching, including technical and personal development programs for team members. Drive staff to proactively identify, prevent, and respond to security incidents.
Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance. Develop and administer SOC processes and review their application to ensure they are operating effectively.
Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.
Develop a strong working relationship with the security engineering team to develop and implement controls and configurations aligned with security policies and legal, regulatory, and audit requirements.
Conduct network monitoring and intrusion detection analysis using various computer network defense tools, such as intrusion detection/prevention systems, firewalls, and host-based security systems.
Manage and coordinate operational components of incident management, including detection, response, and reporting. Lead the investigation of large- and small-scale cyber breaches.
Work with Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Security Orchestration, Automation, and Response (SOAR) technologies to correlate events and identify indicators of threat activity.
Provide customers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary.
Research emerging threats and vulnerabilities to aid in the identification of incidents.
Conduct log-based and endpoint-based threat detection to detect and protect against threats coming from multiple sources.
Correlate network, cloud, and endpoint activity across environments to identify attacks and unauthorized use.
Review alerts and data from sensors. Document formal, technical incident reports.
Work with threat intelligence and threat-hunting teams. Maintain awareness of threat intelligence sources. Create reports, dashboards, and metrics for SOC operations and client presentations.
Maintain awareness of current cyber threats, attack methodologies, and detection techniques using a wide variety of security products, including COTS and open source.
Assist in the evaluation of new analytical techniques and capabilities to determine how they can integrate into a managed security offering.
Communicate cyber events to internal and external stakeholders. Revise and develop processes to strengthen the current operational activities; review policies and recommend changes to improve governance.

Required Skills:
8+ years of experience in a technical cybersecurity role, including security operations, red team, or incident response.
Strong leadership abilities, with the capability to develop and guide junior analysts and to work with minimal supervision.
Excellent verbal, written, and interpersonal communication skills, including the ability to communicate effectively with technical and non-technical personnel, project management teams, management, and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices, and strategies.
Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
Expert-level experience working with EDR, SIEM, and SOAR technologies.
An ability to effectively influence others to modify their opinions, plans, or behaviors.
Good judgment and a sense of urgency, with a demonstrated commitment to high standards of ethics, regulatory compliance, customer service, and business integrity.
Ability to interface with, and gain the respect of, stakeholders at all levels and roles in the company and with MSP customers.
Ability to support on-site travel with customers or at ECS offices within the United States or OCONUS. Any travel will be short in duration and well-planned. Possess and maintain a U.S. Passport.
Wear professional business attire for in-person meetings and teleconferences with internal and external organizations.
Perform other duties, as assigned.
Ability to achieve a Secret clearance.
B.S. or M.S. in cybersecurity, information security, computer science, or a related field. Will consider experience in lieu of a degree.

Desired Skills:
Experience building and leading high-performance teams. Prior management experience within a SOC is critical.
Experience with McAfee (Trellix), Elastic, Helix, and/or CrowdStrike security stacks.
Knowledge of advanced persistent threat (APT) actor tactics, techniques, and procedures (TTPs).
Practical experience using MITRE ATT&CK for security operations.
Experience building SOC playbooks, runbooks, and SOPs.
Experience automating SOC processes via security orchestration, automation, and response technologies.
Possess advanced-level certification(s), including Certified Information Systems Security Professional (CISSP), GIAC Security Leadership (GSLC), GIAC Security Operations Manager (GSOM), or an equivalent certification.

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status, or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values, and purpose. Every day, our 3000+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect, and defend the American People.