Top Secret/SCI
IT - Security
McLean, VA (On-Site/Office)
MANTECH seeks a mission-focused SOC Night Shift Lead to support our fast-paced Cyber Security Operations Center (SOC) in McLean, VA.
This full-time, night-shift position is essential to guiding SOC analysts, leading complex investigations, and defending against sophisticated cyber threats. You will play a key leadership role in shaping the SOC's operations, promoting critical thinking, and maintaining excellence in cybersecurity incident response.
Responsibilities include, but are not limited to:
- Supervision of SOC Personnel: Oversee the daily activities of SOC analysts during the nighttime shift, ensuring adherence to processes and efficient operations
- Quality Control of Investigations: Review and ensure the accuracy, thoroughness, and quality of investigations and incident responses conducted by the team
- Incident Reporting & Communication: Serve as the primary point of contact for individuals and teams reporting security issues. Ensure effective communication with stakeholders, addressing concerns and providing timely updates
- Lead Team Investigations: Facilitate and lead complex investigations involving the entire team, leveraging both technical expertise and strategic thinking to drive incidents to resolution
- Coaching and Mentoring: Guide, coach, and mentor SOC analysts to continuously improve their investigative skills and incident response capabilities
- Socratic and Scientific Methodologies: Utilize a combination of Socratic questioning and the Scientific Method to foster critical thinking, helping the team develop hypotheses and systematically test them to arrive at confident resolutions
- Tool Utilization: Ensure effective use of various cybersecurity tools, including SIEM, IDS/IPS, EDR, and threat intelligence platforms, optimizing their application in detecting and mitigating cyber threats
- Incident Escalation: Act as the primary escalation point for complex incidents, determining appropriate escalation paths when necessary
- Shift Handover: Ensure smooth handovers between shifts, providing clear and concise updates on ongoing incidents and investigations
- This is for a night shift position
Minimum Qualifications:
- High School Diploma with proven experience in a SOC environment
- 3+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security discipline.
- Strong understanding of cyber threat landscapes, attack vectors, and defense mechanisms
- Experience using a variety of cybersecurity tools, including SIEM, IDS/IPS, EDR, and other monitoring platforms
- Excellent problem-solving skills and experience applying the Scientific Method to cyber investigations
- Demonstrated ability to coach and mentor junior personnel
Preferred Qualifications:
- 4+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security discipline.
- Strong interpersonal communication skills, with the ability to effectively communicate complex technical issues to non-technical stakeholders
- Relevant certifications (e.g., GCIH, GCFA, GCFE, CySA+, etc.)
- Familiarity with incident response frameworks such as NIST or MITRE ATT&CK
- Experience leading investigations in an enterprise-level environment
- Strong preference for experience in using endpoint detection and forensic tools such as EDR, Sysmon, memory forensics, etc.
- Experience in network analysis using netflow, pcap, and proxy log analysis is also highly preferred
Clearance Requirements:
- An active/current TS/SCI with Polygraph clearance is required.
Physical Requirements:
- Must be able to remain in a stationary position 50% of the time.
- Needs to occasionally move about inside the office to access file cabinets, office machinery, etc.
- Frequently communicates with co-workers, management, and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.