SeK ON is seeking a Security Operations Center (SOC) Manager to support the National Science Foundation (NSF) in Fairfax, VA . The SOC Manager will play a crucial role in overseeing the centralized coordination unit of the clients IT Security Operations, focusing on the security principle of people, processes, and technology to manage cybersecurity threats and incidents. This position requires a strategic leader capable of real-time monitoring, detection, analysis, and isolation of incidents on the clients’ network. The successful candidate will manage the agency’s cybersecurity products, networks, end-user devices, and both egress and ingress connections to agency systems.

This position is based in Fairfax, VA, with some flexibility for remote work.

With over 25 years of experience, SeK ON specializes in providing large-scale health IT programs in support of federal government customers including the CDC, CMS, DHA, and NIH. Our vision is "To be the premier management and technology consulting firm providing solutions that improve quality of life and work".

RESPONSIBILITIES :

• Security Operations and Incident Response: Serve as the primary point of contact for Managed Security Service monitoring and alerts. Provide 24x7 monitoring and incident response capabilities, including call escalation procedures and audit log monitoring.
• SOP Development and Training: Develop and maintain standard operating procedures (SOPs) for monitoring and analysis tasks. Ensure all incoming staff are adequately trained in the execution of these SOPs.
• Threat Intelligence and Reporting: Monitor threat intelligence reports, alerts , and advisories. Provide recommended actions based on intelligence received. Accurately track, manage, and record incident response activities in accordance with current federal guidelines.
• SIEM and SOAR Management: Collect, store, and analyze security logs. Create and maintain SIEM dashboards per OMB M-21-31. Lead efforts to create SOAR capabilities to augment the SOC's skills for more effective incident detection and response.

REQUIREMENTS:

• Experience: Minimum of 10 years in IT security operations, with a strong emphasis on SOC management.
• Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Certifications: Must possess at least one of the following certifications: Certified Information Systems Security Professional (CISSP) , Certified Information Security Manager (CISM) , or equivalent.
• Clearance: Must be able to obtain and maintain a Public Trust clearance.
• Skills:
  • Expertise in cybersecurity products, network, and endpoint security.
  • Proficiency in Splunk's SIEM and event aggregation tool.
  • Experience with SOAR platforms and capabilities.
  • Knowledge of federal cybersecurity guidelines, including FISMA and OMB
  • Strong analytical skills and the ability to work under pressure.

DESIRED SKILLS:

• Communication: Excellent communication and interpersonal skills to interact with team members, stakeholders, and external entities effectively.
• Leadership: Demonstrated ability to lead and mentor a team of security professionals.
• Innovation: A forward-thinking approach to cybersecurity, with an eye on emerging technologies and trends in the field.