What are the responsibilities and job description for the CYBERSECURITY OPERATIONS TECHNICAL LEAD (SOC ENGINEER SME) position at NorthHill Technology?
NorthHill Technology Resources has a need for a Cybersecurity Operations Technical Lead (SOC) to lead a Federal Program in Washington, DC. This is a direct hire role with our client, a highly respected Federal Integrator. Excellent compensation and benefits. US Citizenship and the ability to obtain Public Trust Clearance are required.
Cybersecurity Operations Technical Lead (SOC Engineer/SME)
Location – Onsite Washington DC
Clearance – Public Trust
Position Type – Full Time
Position Summary
We are seeking an experienced Cybersecurity Operations Technical Lead to serve as a subject matter expert (SME) and senior engineer supporting enterprise security operations. This role requires a hands-on technical leader with strong operational experience, proven ability to guide geographically dispersed teams, and deep expertise across a broad range of cybersecurity tools and processes.
The ideal candidate will combine technical excellence with leadership skills to ensure the effectiveness and maturity of our security operations capabilities, while engaging with executives, managers, and cross-functional stakeholders to strengthen the overall security posture.
Key Responsibilities
- Lead, mentor, and develop a team of cybersecurity engineers and analysts, both locally and remotely.
- Serve as the primary subject matter expert for Security Operations Center (SOC) functions.
- Implement, tune, and maintain security operations tools and processes, including Firewalls, VPN, IDS/IPS, SIEM, EDR, NDR, Anti-Virus, and content filtering systems.
- Develop and optimize security playbooks, runbooks, and incident response workflows.
- Collaborate with cross-functional teams and leadership to communicate risks, propose mitigations, and ensure adherence to enterprise security policies.
- Monitor and improve the efficiency and effectiveness of security operations through automation and advanced analytics.
- Provide technical guidance and authoritative recommendations to senior executives and program managers.
Required Skills and Experience
Education:
- Bachelor’s degree in Cybersecurity, Information Technology, or a closely related field.
- CISSP, CEH, or equivalent-level certification required.
- 8 years of experience implementing, tuning, maintaining, and operating enterprise security capabilities (Firewalls, VPN, IDS/IPS, SIEM, EDR, NDR, A/V, Web & Email Content Filtering, virtualized environments).
- 5 years of experience with coding and scripting languages (JSON, Java, JavaScript, Python, SQL, PowerShell, PHP, C/C++, etc.).
- Proven success leading cybersecurity teams in operational environments, including remote team management.
- Strong experience interfacing with senior leadership and diverse technical teams.
- Excellent problem solving, analytical, and organizational skills.
- Strong time management, interpersonal, verbal, and written communication abilities.
- Ability to work effectively in complex, geographically dispersed environments.