Posted today
Top Secret/SCI
Ashburn, VA (On-Site/Office)
Company Description
Founded in 1989, SOSi is among the largest private, founder-owned technology and services integrators in the defense and government services industry. We deliver tailored solutions, tested leadership, and trusted results to enable national security missions worldwide.
Job Description
**This position is contingent upon contract award**
SOSi is seeking a highly qualified Insider Threat Monitoring Lead to support a DHS enterprise cybersecurity program providing 24/7 Security Operations Center (SOC) services. These roles deliver leadership, operational oversight, and technical expertise across cyber defense, incident response, intelligence, engineering, and modernization activities.
Job Description
Leads insider-threat detection and user activity monitoring; integrates behavioral analytics and investigative workflows to identify and mitigate internal risks to CBP systems and data.
Responsibilities
- Conduct user activity monitoring and behavioral analysis to detect insider threats.
- Correlate endpoint, network, and identity data to identify anomalous behavior.
- Support investigative workflows in coordination with forensics, CI, and OPR stakeholders.
- Develop insider-threat dashboards, alerts, and analytic use cases.
- Provide reporting and briefings on insider-threat trends and incidents.
Qualifications
- Experience: 8+ years supporting insider threat, user activity monitoring, or behavioral analytics in SOC or CI environments.
- Tools: Insider-threat platforms, UEBA, SIEM, DLP, EDR, and case management systems.
- Certifications: CISSP, GCIH, GCFA, or insider-threat-related certification preferred.
- Clearance: TS, SCI-eligible.
Additional Information
Work Environment
- Normal office conditions with potential to perform duties in various CONUS locations.
- Core hours of operation are Monday through Friday, 0600 - 1700.
- May be requested to work evenings and weekends to meet program and contract needs.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.