Posted today
Unspecified
Mid Level Career (5+ yrs experience)
Unspecified
IT - Security
Reston, VA (Off-Site/Hybrid)
Location: Reston, VA (Hybrid)
Employment Type: Full-Time | W-2
Pay: Commiserate with experience
Role Overview
We are seeking an experienced Security Operations Center (SOC) Lead to own and mature our security monitoring, incident response, and threat-hunting capabilities. This role is hands-on and operational, with responsibility for detecting, investigating, and responding to advanced cyber threats across enterprise, cloud, and endpoint environments.
The SOC Lead serves as the technical authority for SOC tooling and workflows, leads proactive threat-hunting efforts, and manages the day-to-day relationship with our Managed Detection and Response (MDR) provider. This position also carries shared engineering responsibility for SOC-related security platforms.
This role is best suited for a senior security professional who has operated a SOC, not just designed one.
Key Responsibilities
• Lead daily SOC operations, including security monitoring, alert triage, investigation, and incident response.
• Design, deploy, configure, and maintain SOC security tools, including:
◦ Endpoint Detection & Response (EDR)
◦ SIEM platforms
◦ Email security gateways
◦ MDR integrations
• Conduct proactive threat hunting across endpoint, network, and cloud environments.
• Develop and execute hypothesis-driven threat hunts using:
◦ Threat intelligence
◦ Behavioral analytics
◦ Anomaly detection
• Identify and analyze indicators of compromise (IOCs), attacker techniques, and advanced persistent threats (APTs).
• Apply and evolve detection strategies using the MITRE ATT&CK framework.
• Develop, refine, and tune security monitoring use cases in collaboration with the MDR provider.
• Research emerging threats, attack techniques, and adversary trends to improve detection and response coverage.
• Ensure operational reliability and performance of security monitoring infrastructure.
• Act as a technical escalation point during security incidents.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, or a related technical field.
• 6–8+ years of experience designing, implementing, and operating security tools in complex enterprise environments.
• 2+ years of hands-on experience in threat hunting or advanced detection.
• Strong working experience with:
◦ SIEM platforms (e.g., Splunk, QRadar)
◦ EDR solutions (e.g., CrowdStrike, SentinelOne)
◦ Log analysis and alert correlation
• Deep understanding of adversary tactics, techniques, and procedures (TTPs).
• Practical experience applying frameworks such as MITRE ATT&CK to detection and response.
• Strong analytical, troubleshooting, and incident-handling skills.
• Ability to collaborate across technical and non-technical teams and communicate clearly during high-pressure situations.
• Authorization to work in the United States.
Preferred Experience
• Experience operating SOCs in financial services or other highly regulated environments.
• Familiarity with compliance-driven security programs and audit requirements.
• Experience managing or integrating with third-party MDR or MSSP providers.
• Exposure to cloud security monitoring and hybrid enterprise environments.
Employment Type: Full-Time | W-2
Pay: Commiserate with experience
Role Overview
We are seeking an experienced Security Operations Center (SOC) Lead to own and mature our security monitoring, incident response, and threat-hunting capabilities. This role is hands-on and operational, with responsibility for detecting, investigating, and responding to advanced cyber threats across enterprise, cloud, and endpoint environments.
The SOC Lead serves as the technical authority for SOC tooling and workflows, leads proactive threat-hunting efforts, and manages the day-to-day relationship with our Managed Detection and Response (MDR) provider. This position also carries shared engineering responsibility for SOC-related security platforms.
This role is best suited for a senior security professional who has operated a SOC, not just designed one.
Key Responsibilities
• Lead daily SOC operations, including security monitoring, alert triage, investigation, and incident response.
• Design, deploy, configure, and maintain SOC security tools, including:
◦ Endpoint Detection & Response (EDR)
◦ SIEM platforms
◦ Email security gateways
◦ MDR integrations
• Conduct proactive threat hunting across endpoint, network, and cloud environments.
• Develop and execute hypothesis-driven threat hunts using:
◦ Threat intelligence
◦ Behavioral analytics
◦ Anomaly detection
• Identify and analyze indicators of compromise (IOCs), attacker techniques, and advanced persistent threats (APTs).
• Apply and evolve detection strategies using the MITRE ATT&CK framework.
• Develop, refine, and tune security monitoring use cases in collaboration with the MDR provider.
• Research emerging threats, attack techniques, and adversary trends to improve detection and response coverage.
• Ensure operational reliability and performance of security monitoring infrastructure.
• Act as a technical escalation point during security incidents.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Computer Science, or a related technical field.
• 6–8+ years of experience designing, implementing, and operating security tools in complex enterprise environments.
• 2+ years of hands-on experience in threat hunting or advanced detection.
• Strong working experience with:
◦ SIEM platforms (e.g., Splunk, QRadar)
◦ EDR solutions (e.g., CrowdStrike, SentinelOne)
◦ Log analysis and alert correlation
• Deep understanding of adversary tactics, techniques, and procedures (TTPs).
• Practical experience applying frameworks such as MITRE ATT&CK to detection and response.
• Strong analytical, troubleshooting, and incident-handling skills.
• Ability to collaborate across technical and non-technical teams and communicate clearly during high-pressure situations.
• Authorization to work in the United States.
Preferred Experience
• Experience operating SOCs in financial services or other highly regulated environments.
• Familiarity with compliance-driven security programs and audit requirements.
• Experience managing or integrating with third-party MDR or MSSP providers.
• Exposure to cloud security monitoring and hybrid enterprise environments.
group id: 91120852
