SOC Chief Sr.

Job Description
ECS is seeking a SOC Chief Sr. to work in our Washington, DC office.

ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a Senior Security Operation Center (SOC) Manager to provide a full range of cybersecurity services on a long-term contract in Washington DC. The position is full time/permanent and will provide 24x7x365 support for a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

Position Responsibilities:

• Responsible for development and leadership of a 24x7x365 SOC, to include establishment of the mission, SOC maturity and optimizing, task management, playbook development and maintenance, and developing and deploying an integrated NOC/SOC model.
• Perform the SOC Chief activities to include project tracking schedules, risk registers, and risk and issue mitigation strategies for SOC and incident response activities.
• Ensure the timeliness and quality of deliverables so that all information and data are accurate and complete;
• Lead Information Security GAP Analysis review;
• Perform administrative functions such as reviewing performance and operations to ensure appropriate performance;
• Ensure effective coordination, collaboration, and communication with federal personnel;
• Serve as the primary incident commander for all cybersecurity incidents;
• Must possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems.
• Must have demonstrated experience with managing and ensuring the timely response and investigations of security events and incidents by the Security Operations Center (SOC).
• Have demonstrated experience with developing and facilitating cybersecurity tabletop exercises for technical and non-technical personnel.
• Must possess a working knowledge of regulatory security compliance requirements.
• Familiarity with White House Executive Orders (OE) on improving the Nation's Cybersecurity and subsequent Office of Management and Budget (OMB) memorandums.
• Familiarity with FISMA monitoring and reporting requirements.
• Must have experience with conceptualizing, developing, publishing and communicating status reports for executive leadership.
• Work closely with client CISO and cybersecurity leadership to identify implement process changes, improvements and efficiencies, and ensure solid security practices.
• Develop and administer SOC processes and review their application to ensure that SOC's controls, policies, and procedures are operating effectively.
• Establish and maintain excellent working relationships/partnerships with the cybersecurity and infrastructure support teams throughout the Information Technology organization, as well as business units.
• Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence.
• Execute security operations processes, identify and measure critical security operations metrics, and continually improve the efficiency and effectiveness of all core services in scope.
• Manage and develop SOC team members, including mentoring, task management, and capability/skill development.
• Provide a framework for team members to be successful in achieving team goals and individual performance objectives.
• Provide security expertise to the SOC team leveraging industry leading practices.
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment.
• Recommends implementation of countermeasures or mitigating controls
• Resolve or coordinate the resolution of cybersecurity events/incidents.
• Participate in root cause analysis or lessons learned sessions.
• Collaborates with technical and threat intelligence and threat hunt analysts to provide indications and warnings and contributes to predictive analysis of malicious activity.
• Must have experience with creating and maintaining shift schedules to ensure 24x7x365 coverage by operations support personnel.

Salary Range: $175,000 - $200,000

Required Skills
Security Requirements:

• Top Secret, SCI eligible

Job Requirements:

• 8+ years of Information Technology experience, with at least 5 years of experience in information security working within security operations
• 7-10+ years of experience in SOC operations and incident response including SOC management and an IR commander role.
• Experience with maturing and optimizing SOCs.
• Experience with utilizing Cyber Threat Intelligence to enhance security operations, and threat detections and response.
• Preferred experience with developing and deploying an integrated NOC/SOC model.
• Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems.
• Strong customer service skills and decision-making skills
• Working knowledge of cloud infrastructure preferred
• Career proven knowledge and experience with log, network, and system forensic investigation techniques
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs.
• Significant experience with host and network analysis
• Experience with reading malware analysis reports
• Knowledge of diverse operating systems, networking protocols, systems administration and security technologies
• Intelligence driven defense utilizing the Cyber Kill Chain (CKC) and MITRE ATT&CK
• Significant experience monitoring threats via a SIEM console
• Candidate must have familiarity with US-CERT Federal Incident Notification Guidelines
• Azure, Azure Sentinel, Microsoft 365 Defender (across endpoint, email, and collaboration) experience preferred.
• Working knowledge of FireEye/Trellix tools, Akamai WAF, Sourcefire, and Ironport.

Personal Attributes:

• Strong sense of professionalism and ethics.
• Actively seeks to enhance the group through the sharing of knowledge.
• Acts with integrity and communicates honestly and openly.
• Ability to build rapport and cooperation among teams and internal stakeholders.
• Respects others and demonstrates fair treatment to all.
• Methodical and detail oriented
• Self-motivated
• Ability to work in a high-pressure environment with changing priorities;

Certifications/Licenses:

• Bachelor's degree in computer science or related field or equivalent work experience
• Certified Information Systems Security Professional (CISSP)

Desired Skills
Desirable Certification(s):

• CompTIA Network + and Security +
• EC Council Certified Ethical Hacker (CEH)
• CERT Certified Computer Security Incident Handler (CSIH)
• Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA), SANS GIAC Information Security Fundamentals (GISF), or SANS GIAC Certified Incident Handler (GCIH)

Additional Experience Preferred:

• Previous SOC/CIRT experience at a federal agency similar in size, scope, and complexity
• Experience with NIST 800-61 Rev 2 and responding to incidents while following the Incident Life Cycle
• Experience in Azure and AWS cloud environments
• Experience in Security threats and vulnerabilities
• Experience in Security technologies and countermeasures
• Experience in TCP/IP networking concepts
• Experience in Firewall technologies
• Experience in IDS/IPS (Network and Host based)
• Experience in Windows and UNIX/Linux operating environments
• Experience examining memory and host-based logs.

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3200+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.