AOUSC SOC Operations Lead Managed Detection & Response (MDR) Lead
Share
Job Location:
Washington, AR - USA
Monthly Salary:
Not Disclosed
Posted on:
8 hours ago
Vacancies:
1 Vacancy
Job Summary
Position Title
SOC Operations Lead / Managed Detection & Response (MDR) Lead
Position Overview
The SOC Operations Lead will oversee 24x7x365 Security Operations Center (SOC) and Managed Detection & Response (MDR) operations supporting a large federal enterprise environment. The Lead will direct SOC analysts incident responders and MDR personnel responsible for security monitoring alert triage incident analysis escalation containment coordination reporting and continuous operational improvement.
The ideal candidate possesses deep experience leading enterprise SOC operations supporting federal agencies including SIEM operations endpoint detection and response (EDR) cloud security monitoring incident coordination and executive cyber reporting.
Key Responsibilities
SOC Operations Lead / Managed Detection & Response (MDR) Lead
Position Overview
The SOC Operations Lead will oversee 24x7x365 Security Operations Center (SOC) and Managed Detection & Response (MDR) operations supporting a large federal enterprise environment. The Lead will direct SOC analysts incident responders and MDR personnel responsible for security monitoring alert triage incident analysis escalation containment coordination reporting and continuous operational improvement.
The ideal candidate possesses deep experience leading enterprise SOC operations supporting federal agencies including SIEM operations endpoint detection and response (EDR) cloud security monitoring incident coordination and executive cyber reporting.
Key Responsibilities
- Lead enterprise SOC and MDR operations supporting on-premises and cloud environments.
- Oversee 24x7 monitoring detection triage and escalation activities.
- Direct operational workflows for:
- SIEM monitoring
- alert management
- incident coordination
- case management
- and operational reporting.
- Manage analyst teams supporting:
- Splunk
- Microsoft Sentinel
- CrowdStrike
- Sysmon
- Windows event logging
- and cloud telemetry platforms.
- Develop and maintain SOC SOPs playbooks runbooks escalation matrices and reporting procedures.
- Lead operational metrics reporting including:
- MTTD
- MTTR
- false positive rates
- automation effectiveness
- analyst productivity
- and incident impact assessments.
- Coordinate closely with Threat Hunting CTI Detection Engineering and Incident Response teams.
- Brief executives and government leadership on significant incidents operational trends and emerging threats.
- Support proposal development oral presentations staffing and transition planning.
- 10 years of cybersecurity operations experience.
- 5 years leading enterprise SOC or MDR environments.
- Experience supporting federal civilian or DoD environments.
- Experience managing large-scale SOC operations in environments exceeding:
- 10000 users
- enterprise cloud environments
- and large SIEM deployments.
- Experience with:
- Splunk Enterprise Security
- Microsoft Sentinel
- CrowdStrike
- EDR/XDR platforms
- SOAR technologies
- and cloud security monitoring.
- Deep understanding of:
- MITRE ATT&CK
- incident response
- detection engineering
- and threat-informed defense.
- Strong executive briefing and oral presentation skills.
- CISSP
- GCIA
- GCIH
- GMON
- GSOC
- Splunk Architect/Admin certifications
- Microsoft Security certifications
Required Experience:
Senior IC
About Company
Our exclusive ATO as a Serviceā¢ software & expert services automate FISMA RMF & FedRAMP compliance.
