Security Operation Center (SOC) Lead

Security Operations Center (SOC) Lead - W-TRS Orlando Florida

Working across the globe V2X builds smart solutions designed to integrate physical and digital infrastructure from base to battlefield. We bring 120 years of successful mission support to improve security streamline logistics and enhance readiness. Aligned around a shared purpose our $3.9B company and 16000 people work alongside our clients here and abroad to tackle their most complex challenges with integrity respect responsibility and professionalism.

Job Overview:

Responsible for overseeing cybersecurity operations incident response and defensive cyber measures for centralized and geographically disbursed locations in support of Warfighter Training Readiness Solutions (W-TRS) program U.S. Army PEO STRI. Oversee day-to-day activities ensuring 24/7 monitoring and response to cyber threats. Supervise and lead SOC analysts ensuring adherence to best practices and operational procedures. Implements proactive defense strategies. Enforces compliance & reporting ensure compliance with DoD cybersecurity policies and generate reports for FISMA ConMon and security incidents. Tool maintenance and implementation ensure enterprise toolsets are functioning while driving adoption of new cybersecurity tools and automation to enhance efficiency to overall security posture.

Education/Experience

Bachelors degree in Cybersecurity and Information Assurance; Advanced degree(s) preferred.

Years Experience: (8MA/MS or 8BA/BS)

Certifications:

8140/8570 DoD Certification; Foundation-Advance / Information Assurance Technician (IAT-III) w/ CSSP Incident Responder certifications

Required Knowledge

• Brings hands-on experience in cybersecurity operations (including protection detection response and sustainment)
• Possesses extensive technical expertise in current cybersecurity technologies and emerging innovations.
• Demonstrates comprehensive knowledge of the lifecycle of cybersecurity threats with development of associated tactics techniques and procedures (TTPs).
• Knowledge in planning directing and managing Security Operations Center (SOC) operations in an organization in a large complex environment.

• Strong written and verbal communication skills and the ability to create technical reports based on analytical findings.

Responsibilities

• Support the implementation of to include the production of documentation and associated artifacts with the implementation of Cybersecurity requirements as identified in DoDI and AR 25-2 based upon Risk Management Framework (RMF)
• Ensure all sites execute monthly continuous monitoring and compliance testing to validate the current configurations against the documented security configuration baseline and report compliance.
• Ensure SOC provides 24 hours a day monitoring for training rotations and exercises for remote sites.
• Ensure that SOC verifies all assets have a representative security configuration baseline documented in Defense Information Systems Agency (DISA) STIG checklist and Plan of Action and Milestones (POA&M) form.
• Direct patching and IA Vulnerability Alert (IAVA) for supported baselines
• Standardizes analysis and correlation of audit records using the Security Incident & Event Management (SIEM) tools across different repositories to include backups.
• Enforcement of enterprise monitoring and controls communications at the external boundary for all sites and at key internal boundaries within the sites.
• Enforcement of enterprise monitoring and controls for unauthorized software to include mobile code through the continuous monitor process.
• Enforcement of all enterprise end point security software update at appropriate schedule within operational schedule.
• Ensure communication between remote sites with local cybersecurity governance personnel in accordance with the Incident Response Plan and security documentation.
• Ensure all sites are performing functional and security testing in support of Assessment and Authorization (A&A) activities.
• Ensure all sites configure and enable security features
• Enterprise Account management / IAM
• Support annual FISMA requirement for all sites to support auditors with actual and historical data from SOC.

Preferred Requirements

4 years of supervising and/or managing teams

5 years of Incident handling experience

Experience working with DoD / U.S. Army / Federal Government

Experience with software/tools: Assured Compliance Assessment Solution (ACAS) Splunk Endpoint Security Solution (ESS) Cisco Adaptive Security Appliance (ASA) Firewalls and Firepower IPS SRGs STIGS DISA STIG Viewer SCC/SCAP Evaluate STIG

Experience as a Cyber Engineer

Clearance

Must be a US Citizen with a DoD SECRET Clearance

Travel

N/A

Physical Requirements

Light Work. Exerting up to 20 pounds of force occasionally and/or up to 10 pounds of force frequently and/or a negligible amount of force constantly to move objects. If the use of arm and/or leg controls requires greater exertion of forces than for sedentary work and the worker sits most of the time the job is rated for light work.

Benefits include the following:

• Healthcare coverage
• Retirement plan
• Life insurance AD&D and disability benefits
• Wellness programs
• Paid time off including holidays
• Learning and Development resources
• Employee assistance resources

Pay and benefits are subject to change at any time and may be modified at the discretion of the company consistent with the terms of any applicable compensation or benefit plans.

V2X is committed to building a diverse and inclusive environment in which we recognize and value each others differences as well as fostering a culture that promotes its core values: Professionalism Integrity and Respect. As an equal opportunity employer all qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity genetic information national origin age disability or status as a protected veteran.