Security Operations Center Program Manager

About PUNCH:

We’re problem solvers first & foremost. PUNCH’s origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.

We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.

We back each other up. PUNCH is a supportive place to work. We’ve worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.

We give back. To those in need. To the community. To the industry.

Does this sound like you?

Role Overview:

PUNCH is seeking a seasoned SOC Manager to lead a large-scale, 24/7 Security Operations Center (SOC) in support of a large U.S. Government agency. The SOC includes two major functional units—an operational team (monitoring, detection, and incident response) and a threat analysis team (hunting, malware analysis, intelligence integration). You must possess a SECRET security clearance.

This leadership role is ideal for someone who has operated at scale - running SOCs in complex hybrid (on-prem/cloud) environments—and who understands the tactical, strategic, and organizational levers of effective cyber defense. The ideal candidate is a builder, mentor, and communicator who thrives in high-tempo mission spaces and can manage teams across shifts and specializations.

Responsibilities:

- Manage the full operational lifecycle of a 24/7 SOC supporting a critical federal mission

- Lead subordinate managers and analysts across SOC Operations and Threat Hunt/Analysis teams

- Drive strategy, staffing, workflow optimization, and process improvement within the SOC

- Oversee incident response activities in alignment with all five functions of the NIST Cybersecurity Framework

- Maintain readiness for hybrid environments (on-premises and cloud infrastructure)

- Coordinate escalations, shift transitions, and analytic coverage across rotating teams

- Communicate with senior government leadership, external mission partners, and internal stakeholders

- Implement and track performance metrics aligned to mission impact and SOC maturity

- Identify risks, gaps, and opportunities for automation, upskilling, and tooling improvements

- Ensure compliance with Treasury security policies and federal standards

Required Qualifications:- Bachelor’s degree (or 3 additional years of experience in lieu of degree)

- 10 years of SOC management experience, including 5 years managing hybrid (on-prem/cloud) SOCs

- 10 years of experience in incident response across enterprise-scale environments (50,000 endpoints)

- Deep familiarity with NIST Cybersecurity Framework and federal incident response protocols

- Demonstrated success influencing practices and communicating with senior stakeholders

- Experience leading large, distributed teams in a mission-critical setting

Preferred:

- Experience supporting Department of Treasury or other federal financial agencies

- Familiarity with SIEM, SOAR, EDR, and threat intel platforms

- Active certification such as CISSP, CISM, or GIAC