Enterprise Security Operations Center (Esoc) Analyst Manager 2

The Role

Designs tests and implements state-of-the-art secure operating systems networks and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures firewalls electronic data traffic and network access. Uses encryption technology penetration and vulnerability analysis of various security technologies and information technology security research. May prepare security reports to regulatory agencies.

The eSOC Analyst Manager leads and matures the companys enterprise-wide Security Operations Center (SOC) providing centralized monitoring detection and incident response across the enterprise and its three divisional networks including one that contains U-NNPI data regulated under NAVSEA 08 controls.

The position oversees cybersecurity operations for on-premises and hybrid cloud environments (including O365 Azure and AWS) and ensures continuous (24x7x365) coverage and protection of corporate and U.S. Government information. This role requires balancing technical depth operational leadership and compliance rigor under DFARS 252.204-7012 CMMC 2.0 and NIST SP 800-171/800-53 frameworks.

The eSOC Analyst Manager will direct day-to-day security operations coordinate enterprise incident response manage SOC personnel and contractors and continuously evolve monitoring capabilities using automation threat intelligence and Zero Trust-aligned practices. The position reports to the SOC Manager and partners with the Cybersecurity Support Group (CSG) manager

Additional Responsibilities

Leadership and Oversight

• Lead the eSOCs 24x7x365 analysts shift leads and threat intelligence efforts in investigations.
• Maintain monitoring and response coverage for enterprise divisional and cloud networks.
• Coordinate enterprise-level incident response (IR) activities ensuring consistent escalation containment and recovery across business units.
• Conduct post-incident reviews and after-action reporting to identify process technology or communication improvements.
• Maintain and refine SOC standard operating procedures (SOPs) playbooks and communication protocols.

Regulatory and Contractual Compliance

• Ensure SOC operations comply with DFARS 252.204-7012 CMMC 2.0 NIST 800-171 and relevant DoD contractual cybersecurity clauses.
• Oversee monitoring and response capabilities for networks that process Controlled Unclassified Information (CUI) and Unclassed Naval Nuclear Propulsion Information (U-NNPI) data.
• Maintain evidence logs and incident documentation suitable for DoD assessments and C3PAO reviews.
• Coordinate with compliance teams to ensure the SOCs technology stack and workflows meet evolving regulatory requirements.

Operational Excellence

• Execute the eSOC framework as set forth by the eSOC Manager.
• Manage Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) including mean time to detect (MTTD) mean time to respond (MTTR) dwell time and false positive ratios.
• Drive automation and orchestration initiatives through SOAR and other technologies to optimize analyst efficiency.
• Collaborate with CSG to enhance and tune SIEM EDR/XDR UEBA and DLP solutions.
• Oversee detection content creation correlation rules and log source integration across cloud and on-premises systems.

Threat Intelligence and Coordination

• Integrate threat intelligence (CTI) feeds and indicators into SOC workflows.
• Map threats and adversary techniques using the MITRE ATT&CK framework.
• Partner with internal and external entities (e.g. DIB ISAC government reporting channels vendors) for timely intelligence sharing.
• Track emerging threats relevant to defense contractors and provide actionable insights to leadership.
• Coordinate hunting efforts and ensure due diligence of investigative efforts

Must Have

Bachelors Degree and 6 years of progressive technical experience in research engineering and design; Masters Degree and 4 years of relevant experience

One of the following may be used as an equivalent to Bachelors Degree for Information Technology Related Positions Only:

• NNS Apprentice School graduate
• Navy Nuclear Power School (NNPS) graduate
• Associates Degree or other formal 2 year program and 2 years of relevant exempt experience or 4 years of relevant non-exempt experience
• Military Paygrade E-5 or above military experience
• High School/GED and 4 years combined of Manufacturing Shipbuilding Trades Military experience or other relevant exempt experience
• High School/GED and 8 years combined of Manufacturing Shipbuilding Trades Military experience or other relevant non-exempt experience
• A relevant professional certification can be substituted for a Bachelors Degree.

Nice to Have

Bachelors degree in Computer Science Information Assurance or Cybersecurity (Masters preferred).
Certifications such as CISSP CISM GCIA GCIH GCED or equivalent.
Experience supporting multiple divisions or business units in a defense industrial base environment.
Knowledge of U-NNPI handling and related NAVSEA 08 guidance.
Familiarity with cloud-native security monitoring and global IR coordination.
6 years of progressive experience in cybersecurity with at least 2 years managing SOC or incident response operations.
Demonstrated success leading 24x7 operational teams and managing incident lifecycle activities.
Strong knowledge of SIEM SOAR EDR/XDR network IDS/IPS DLP and forensic tools.
Proven experience operating under DFARS 252.204-7012 CMMC 2.0 and NIST 800-171 and NIST 800-53 requirements.
Ability to translate technical issues into business and risk-based terms for executives.