Security Operations Center (SOC) Manager- TS clearance/CISSP cer

The U.S. Customs and Border Protection (CBP) Cyber Security Directorate (CSD) is leading one of the most comprehensive, mission critical cybersecurity operations in the federal government-protecting the digital infrastructure that safeguards America's borders. This multifaceted program spans 24/7/365 Security Operations Center (SOC) monitoring, advanced threat intelligence, forensics, incident response, cloud and network security engineering, zero trust modernization, vulnerability assessment, and enterprise-wide risk and compliance activities.

Key Leads on this program will guide teams at the forefront of national security, supporting sophisticated cyber operations that defend vital systems, enable secure mission execution, and counter rapidly evolving threats. You will find this work uniquely impactful, fast-paced, and deeply collaborative, offering the opportunity to lead high performing technical teams, shape CBP's cybersecurity strategy, and contribute directly to the protection of the nation.

MEANINGFUL WORK AND PERSONAL IMPACT

As the Security Operations Center (SOC) Manager, you will define the strategic direction, operational effectiveness, and continual advancement of the organization's cybersecurity defense capabilities. You will oversee a team of security analysts and engineers responsible for continuous monitoring, threat detection, incident analysis, and response activities across all information systems, including environments handling sensitive or classified data. You will:

• Guide the full suite of SOC functions, ensuring efficient detection, triage, analysis, and remediation of security events.
• Act as the top-level escalation authority for complex or high-severity incidents, guiding teams through containment, investigation, recovery, and follow-up actions.
• Build and refine SOC operational frameworks, including procedures, workflows, and long-term capability development.

WHAT YOU'LL NEED TO SUCCEED

• Active TS Clearance is required with SCI eligibility.
• Minimum of five (5) years' experience p in cybersecurity, including at least five years in a leadership capacity within a SOC or similar security operations environment.
• Strong technical background across SIEM technologies, endpoint security tools, incident response techniques, and network security fundamentals.
• Solid understanding of enterprise network architecture and security controls.
• CISSP certification required
• Support team growth through coaching, skills development, and performance management, cultivating a disciplined and collaborative operating environment.
• Maintain compliance with all applicable federal, agency, and internal cybersecurity standards and directives.
• Work closely with technical, operational, and leadership partners to ensure security operations align with organizational priorities and risk tolerance.
• Prepare briefings, dashboards, and executive-level summaries outlining SOC performance, key risks, and emerging threat patterns.
• Oversee core SOC technologies such as SIEM platforms, EDR solutions, and threat intelligence tools, ensuring their effective use and continuous enhancement.
• Stay informed about evolving threat landscapes, attacker behaviors, and cybersecurity best practices to guide program improvements.
• Experience supporting federal or highly regulated operational environments preferred.
• Familiarity with cloud based security operations and modern security orchestration tools.

EDUCATION AND EXPERIENCE

• Bachelor's degree in cybersecurity, computer science, engineering, or a related technical area.
• Previous or Current CBP Background Investigation desired.
• Mus be a certified Information Systems Security Professional (CISSP)
• Certifications such as CISM, GCIH, GIAC, or equivalent credentials preferred.

OWN YOUR OPPORTUNITY
Explore a career in cyber security at GDIT and you'll find endless opportunities to grow alongside colleagues who share your passion for securing the mission.