Koniag Government Services

Cybersecurity Operations Technical Lead (SOC Engineer/SME)

Koniag Government Services$100K — $130K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Cybersecurity, IT, Computer Science, or related field
  • 8+ years in cybersecurity operations, with 3+ in a technical lead or SME role
  • Experience with federal government cybersecurity programs
  • One or more certifications: CISSP, GSOC, GCIH, GCED, CSA
  • Exceptional English communication and presentation skills

Responsibilities

  • Serve as the technical SME for SOC operations, guiding analysts through incident responses
  • Lead incident response activities including triage, containment, and recovery
  • Oversee continuous monitoring of SBA systems using various security technologies
  • Develop and maintain SIEM use cases and alerting thresholds
  • Conduct advanced threat hunting to identify indicators of compromise
  • Analyze security events and provide actionable intelligence to stakeholders
  • Collaborate with teams to maintain SOPs and playbooks for SOC operations

Benefits

  • Mentorship and professional development opportunities
  • Hands-on technical support with a leading cybersecurity team
  • Direct involvement in critical government security initiatives
  • Engagement with federal cybersecurity frameworks and compliance
  • Opportunity to impact the organizational cybersecurity posture significantly
Full Job Description
Koniag Data Solutions, a Koniag Government Services company, is seeking an experienced Cybersecurity Operations Technical Lead to support the U.S. Small Business Administration (SBA). The ideal candidate is a seasoned cybersecurity professional with deep technical expertise in Security Operations Center (SOC) operations, threat detection, and incident response. This individual will serve as a subject matter expert (SME), providing technical leadership and guidance to a team of cybersecurity analysts while working closely with SBA stakeholders to protect critical government systems and data. The Cybersecurity Operations Technical Lead will serve as the senior technical expert within the SOC, providing leadership, mentorship, and hands-on technical support for all cybersecurity operations activities supporting the SBA. Principal responsibilities will include but are not limited to: - Serve as the primary technical subject matter expert (SME) for SOC operations, providing guidance and oversight to cybersecurity analysts in the detection, analysis, and response to security incidents. - Lead and coordinate incident response activities, including triage, containment, eradication, recovery, and post-incident review in accordance with SBA policies and federal guidelines. - Oversee continuous monitoring of SBA networks, systems, and endpoints using SIEM platforms, IDS/IPS tools, and other security technologies to identify and respond to potential threats and anomalies. - Develop, tune, and maintain SIEM use cases, detection rules, correlation logic, and alerting thresholds to improve threat detection capabilities and reduce false positives. - Conduct advanced threat hunting activities to proactively identify indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs) leveraged by threat actors targeting SBA systems. - Perform in-depth analysis of security events, logs, network traffic, and endpoint telemetry to identify malicious activity and provide actionable intelligence to SBA leadership and stakeholders. - Collaborate with SBA IT and security teams to develop, refine, and maintain Standard Operating Procedures (SOPs), playbooks, and runbooks for SOC operations and incident response activities. - Provide technical mentorship and training to junior and mid-level SOC analysts, fostering professional development and elevating the overall capability of the team. - Support vulnerability management activities, including the review and analysis of vulnerability scan results and coordination with system owners on remediation efforts. - Prepare and deliver detailed technical reports, briefings, and after-action reviews (AARs) to SBA leadership, documenting incident timelines, findings, and recommended corrective actions. - Ensure SOC operations align with federal cybersecurity frameworks, policies, and compliance requirements, including NIST, FISMA, and DHS/CISA guidance. - Coordinate with external stakeholders, including US-CERT, CISA, and other federal agencies, as necessary, during significant cybersecurity incidents or threat campaigns. - Support the continuous improvement of SOC processes, tools, and technologies to enhance operational efficiency and the overall cybersecurity posture of the SBA. Education and Experience: Required: - Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field from an accredited college or university. - 8+ years of progressive experience in cybersecurity operations, with at least 3 years in a technical lead, senior analyst, or SME role within a SOC environment. - Demonstrated experience supporting federal government cybersecurity programs and operations. - One or more of the following certifications: - Certified Information Systems Security Professional (CISSP) - GIAC Security Operations Certified (GSOC) - GIAC Certified Incident Handler (GCIH) - GIAC Certified Enterprise Defender (GCED) - Certified SOC Analyst (CSA) Desired: - Master's degree in Cybersecurity, Information Assurance, or a related field. - 10+ years of cybersecurity operations experience within a federal government or defense contracting environment. Required Skills and Competencies: - Exceptional communication skills in English - both written and oral - with the ability to convey complex technical information clearly to both technical and non-technical audiences, including senior government leadership. - Deep technical expertise in SOC operations, including security event monitoring, incident detection, triage, and response. - Extensive hands-on experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, ArcSight, or similar) including use case development, rule tuning, and dashboard creation. - Strong knowledge of network security concepts, including TCP/IP, DNS, HTTP/S, firewalls, IDS/IPS, and network traffic analysis tools such as Wireshark or Zeek. - Proficiency in endpoint detection and response (EDR) tools and methodologies for investigating host-based threats and anomalies. - Experience with threat intelligence platforms and the ability to operationalize threat intelligence to improve detection and response capabilities. - Strong understanding of the MITRE ATT&CK framework and its application to threat detection, threat hunting, and incident response. - Demonstrated experience developing and maintaining incident response playbooks, SOPs, and runbooks. - Knowledge of federal cybersecurity frameworks and compliance requirements, including NIST SP 800-53, NIST SP 800-61, FISMA, and CISA guidance. - Experience conducting log analysis across diverse data sources, including Windows Event Logs, Syslog, cloud platform logs, and application logs. - Ability to lead and mentor a team of cybersecurity analysts in a fast-paced operational environment. - Ability to obtain and maintain a Public Trust Clearance. Desired Skills and Competencies: - Prior experience supporting SBA or other federal civilian agency cybersecurity programs. - Experience with cloud security monitoring and operations in AWS, Azure, or GCP environments. - Familiarity with Security Orchestration, Automation, and Response (SOAR) platforms and scripting languages (e.g., Python, PowerShell) for automation of SOC workflows. - Knowledge of Zero Trust Architecture principles and implementation within a federal environment. - Experience with digital forensics and malware analysis techniques. - Familiarity with CDM (Continuous Diagnostics and Mitigation) program tools and requirements. - GIAC Certified Forensic Analyst (GCFA) or GIAC Reverse Engineering Malware (GREM) certification. - Experience supporting FedRAMP authorized cloud environments.

About Koniag Government Services

Koniag Government Services Careers

Join the dynamic team at Koniag Government Services, a leader in providing innovative solutions to government clients. This esteemed company offers a plethora of job opportunities that pave the way for professional growth and career advancement in a diverse and inclusive environment.

Explore Career Opportunities

Koniag Government Services is actively hiring and offers a range of positions that cater to various skills and experiences. Whether you're a seasoned professional or a recent graduate, Koniag Government Services provides a platform to enhance your career through meaningful work in a supportive culture.

Innovation and Leadership

At the forefront of innovation, Koniag Government Services encourages its team to lead with creativity and strategic thinking. The company is committed to leadership development and diversity training, ensuring that all team members have the opportunity to excel and contribute to industry-leading projects.

Professional Growth and Development

Koniag Government Services is dedicated to the professional development of its employees. With comprehensive benefits, competitive employment packages, and opportunities for advancement, the company supports its team in achieving their career goals. Networking within the company and industry is encouraged, fostering a community of learning and mutual growth.

Internship Programs

For those starting their career journey, Koniag Government Services offers internship programs that provide real-world experience and a pathway to full-time employment. Interns gain valuable industry knowledge and develop essential skills under the guidance of experienced mentors.

Commitment to Diversity and Inclusion

Diversity is at the core of Koniag Government Services' values. The company is committed to creating an inclusive environment where diverse voices are heard and valued. Diversity training is integral, equipping the team with the tools to thrive in a multicultural setting.

Applying for a Position

To apply for a position at Koniag Government Services, candidates should prepare a resume that highlights relevant experience and skills. The interview process is designed to assess fit both for the role and the company culture, ensuring alignment with the team’s values and objectives.

Stay Connected with Koniag Government Services Careers

Explore the various job opportunities and embark on a path of professional growth and innovation. Koniag Government Services is not just a workplace but a community where careers flourish in an environment of respect, integrity, and continuous learning.

Search Koniag Government Services Jobs

Discover the exciting career opportunities available at Koniag Government Services. Search for open positions that match your skills and interests, and join a team that values curiosity, creativity, and collaboration.

Keep Up to Date

Stay informed with the latest career tips, industry insights, and company updates directly from Koniag Government Services. Engage with content that can transform your professional journey and lead to rewarding opportunities.

Job Alert Emails

Personalize your subscription to receive job alerts and insider tips tailored to your preferences from Koniag Government Services. See what exciting and rewarding opportunities await in the field of government services.
Learn more about Koniag Government Services
Size
501 employees
Industry

Similar Jobs

More Jobs at Koniag Government Services

More Information Technology Jobs

Find similar Cybersecurity Operations Technical Lead (SOC Engineer/SME) jobs: