SOC Team Lead

About Concept Plus

Concept Plus is a mission-focused technology solutions provider that transforms IT concepts into impactful solutions for federal agencies. Headquartered in Fairfax, VA, we bring the agility, responsiveness, and customer intimacy of a small business combined with the quality and infrastructure of a larger firm.

Recognized as an award-winning Oracle partner, we have delivered innovative solutions across Defense, Intelligence, Civilian, Health IT, and Tribal sectors. Our highly certified experts build systems that drive efficiency, accelerate modernization, and ensure mission outcomes with certainty.

We offer competitive pay, comprehensive health, dental, and vision insurance, paid life insurance, paid time off, 11 paid holidays, performance bonuses, tuition reimbursement, unlimited training, and the opportunity to thrive in a collaborative, flexible, and innovative environment.

For more information, visit .

About the role

Concept Plus is seeking a SOC Manager to provide strategic leadership and operational oversight for the Enterprise Cybersecurity Operations Support Team. This role is responsible for leading a small team of analysts, directing cyber defense operations, and ensuring continuous protection of mission critical information systems. The SOC Manager drives compliance with FISMA/NIST requirements, DoW cybersecurity mandates, and organizational security policies while advancing the maturity, efficiency, and responsiveness of the SOC. This position is key to maintaining situational awareness, coordinating incident response, and strengthening the customer's overall cyber defense posture.

What you'll do

• Lead, mentor, and develop the SOC analyst team, fostering a mission ready, disciplined, and high performance environment in support of Department of War cybersecurity operations.
• Establish strategic objectives for SOC operations, ensuring processes, staffing, and capabilities align with DoW priorities, cybersecurity policy, and federal compliance requirements.
• Serve as the primary operational lead for enterprise cyber defense monitoring and incident management, coordinating with senior DoW stakeholders to maintain cybersecurity readiness.
• Oversee real time detection, triage, and analysis of cyber events; guide escalation, containment, and remediation actions; and direct major incident response activities in coordination with the ISSM to ensure continuity of operations.
• Ensure accurate correlation, validation, documentation, and tracking of security events, trends, and recommended defensive actions to bolster mission assurance across DoW systems.
• Manage enterprise cybersecurity tools-including SIEM, IDS/IPS, HIPS/HBSS, packet capture, filtering, and vulnerability scanning platforms-to ensure operational readiness and alignment with Department of War cybersecurity standards.
• Conduct continuous assessments of network and system security posture, reviewing deployments and configuration changes for operational risk and compliance with DoW cybersecurity directives.
• Lead threat intelligence and vulnerability management activities, ensuring timely application of IAVM and DISA VDP requirements and providing actionable intelligence for defensive operations.
• Refine detection signatures, correlation logic, and monitoring methodologies based on Department of War threat intelligence and known adversary TTPs.
• Advise on cybersecurity architecture, defensive tool configurations, and capability enhancements to support Defense in Depth strategies across DoW information systems.
• Develop, maintain, and enforce SOC policies, procedures, and operational playbooks in accordance with Department of War and federal cybersecurity standards.
• Identify opportunities to automate, streamline, or modernize SOC workflows, evaluating emerging technologies that enhance operational effectiveness and improve the DoW cyber defense posture.

Required Qualifications

• US Citizen
• Bachelor's degree in Computer Science or related field.
• 5+ years of experience in security operations or cyber defense roles, including
• 2+ years of leadership or supervisory experience.
• Proven experience supporting environments governed by FISMA/NIST and DoW cybersecurity requirements.
• Strong understanding of TCP/IP, system administration, OSI model, Zero Trust, defense in depth, and common security technologies.
• Hands on experience with enterprise security tools, including AV, IDS/IPS, HIPS/HBSS, packet capture, and network forensics.
• Experience using ACAS, SPL (Splunk), KQL (Sentinel), and applying malware analysis concepts.
• Ability to obtain or maintain a Secret clearance.
• DoD 8140 Certification Requirements
• • IAT Level III baseline certification required: CISSP (or equivalent).
  • Compliant for CSSP Analyst within 6 months of hire (CEH, CySA+, GCIA, GCIH, GICSP, PenTest+, Cloud+, CFR, CCNA Cyber Ops, SCYBER).

Preferred Qualifications

• Microsoft Security Operations Analyst certification.

Concept Plus is an Equal Opportunity Employer. As such, we will give your application full consideration without regard to your race, color, religion, sex, age, national origin, disability, veteran status, sexual orientation, gender identity, or any other classification protected by federal, state, or local law.