Security Operations Center (SOC) Manager
Reston, VA - USA
Job Summary
Expression is currently seeking a highly technical, hands-on Security Operations Center (SOC) Manager with advanced skillsets in cybersecurity to develop and operate cybersecurity capabilities for a variety of federal customers. Candidates should have excellent written and oral communication skills and be able to work independently and as part of a team, with demonstrated leadership capabilities. Skills and experience in Cyber Operations, Security Event Analysis, Incident Response, Cyber Hunt, Forensics, Malware Analysis, and Cyber Threat Intelligence (skills in more than one cyber discipline are preferred) are required for this position. The ideal candidate will have hands-on experience supporting a 24x7x365 CSOC environment as an analyst or engineer, experience as a technical team lead within the SOC, and operations management experience. A solid understanding of cyber threats and information security in the domains of TTPs, Threat Actors, Campaigns, and Observables.
Additionally, the ideal candidate would be familiar with intrusion detection systems, intrusion analysis, security information event management platforms, endpoint threat detection tools, and security operations ticket management. The SOC Manager is also tasked with developing and maturing SOC strategies, processes, and technologies; preparing executive-level reports on performance and threat trends; and collaborating with cross-functional teams to align security initiatives with business objectives, with a paramount focus on maintaining the integrity and confidentiality of organizational assets.
Location
- Hybrid in Reston, VA
Clearance Required
- Active Top Secret clearance and SCI eligibility are required
Responsibilities
- Maintain a 24x7x365 schedule and minimum-manning requirements.
- Construct and optimize operational workflows for 24x7 teams across multiple shifts.
- Develop, collect, and analyze security operational metrics to optimize CSOC performance and minimize organizational risk.
- Serve as a technical Cyber SME, onsite task lead, and primary point of contact for the customer.
- Lead efforts in planning, organization, scheduling, and progress reporting of various projects.
- Develop technical cyber security solutions in response to customer requests or in support of proposal solution development.
- Support new Agile Defense engagements as transitional program or operations lead.
- Support documentation of all business and workflow processes in this area.
- Provide technical consultation in cyber security capability development.
- Act as a subject-matter expert to multiple tasks and/or programs.
- Provide technical writing support in support of corporate response to RFPs/RFQs from various customers.
- Provide operational oversight for all SOC activities.
- Manage the entire incident response lifecycle as a senior escalation point.
- Lead the team through mentorship and professional development.
Qualifications
- Bachelor's degree in computer science, engineering, STEM, or cybersecurity
- Minimum of 5 years of direct operational and program management experience in delivery of Cybersecurity program or related projects.
- Minimum of seven (7) years of professional experience with a solid understanding of incident response, insider threat investigations, digital forensics, and cyber threats.
- Minimum of 5-7 years of cybersecurity experience with at least 5 years in a SOC leadership capacity
- In-depth technical expertise in areas such as SIEM, EDR, and incident response methodologies is essential, coupled with a thorough understanding of network architectures and security controls.
- The ability to create insider threat focused dashboards, reports, and workflow diagrams.
- Experience collecting data, chain of custody, and reporting results; handling and escalating security issues or emergency situations appropriately; providing incident response capabilities to isolate and mitigate threats to maintain confidentiality, integrity, and availability for protected data.
- Experience with mentoring junior members in an open, collaborative environment.
- Certified Information System Security Professional (CISSP)
Preferred Experience
- One of the following: GCFA, GREM, GCIH, OSCP, GPEN, GFCE, or equivalent preferred.
Benefits
Expression offers highly competitive salaries, performance-based incentives, and additional benefits such as:
- 401k matching
- PPO and HDHP medical/dental/vision insurance
- Education reimbursement up to $10,000/yr
- Complimentary life insurance
- 15 days of PTO and 11 days of holiday leave
About Expression
Founded in 1997 and headquartered in Washington, DC, Expression provides data fusion, data analytics, AI/ML, software engineering, information technology, and electromagnetic spectrum management solutions to the U.S. Department of Defense, Department of State, and national security community.
Our culture emphasizes creating immediate and sustainable value for our clients through agile delivery of tailored solutions and constant engagement. We were ranked #1 on the Washington Technology Fast 50 list of fastest-growing small business Government contractors and recognized as a Top 20 Big Data Solutions Provider by CIO Review.
At Expression, we ensure every team member has the tools and opportunities to grow while working with the newest technologies in the industry. We celebrate milestones, accomplishments, promotions, and collaborative achievements that make our workplace engaging and rewarding.
Equal Employment Opportunity Statement
Expression is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Required Experience:
Manager