Job DescriptionThis position will be responsible for managing a Security Operations Center (SOC) tools, team members and engineering SOC tools solutions. This will include security architecture, design, analysis and testing for Health and Human Services (HHS). It also includes gathering technical requirements, developing complex solutions, testing of architecture solutions, and implementation oversight. The position also involves developing and briefing various SOC performance reports, conducting and making recommendations on vulnerability assessments and technical management of security incidents.
This position will be responsible for managing a Security Operations Center (SOC) tools, team members and engineering SOC tools solutions. This will include security architecture, design, analysis and testing for Health and Human Services (HHS). It also includes gathering technical requirements, developing complex solutions, testing of architecture solutions, and implementation oversight. The position also involves developing and briefing various SOC performance reports, conducting and making recommendations on vulnerability assessments and technical management of security incidents.
Job Specific Responsibilities:- Manage and supervise SOC Tools Analysts as well as provide guidance and delegation. You will manage a team of 5 in this role.
Provide security analysis for integrated security solutions related to design, development, and integration of:- Man-Machine Interfaces.
- System level requirements.
- Develop moderately complex security designs and test plans using existing technology.
- Prepare technical proposals for presentation to HHS and other stakeholders to update existing security technologies and add new technologies to the network.
- Work closely with the SAIC SOC Program Manager to identify and recommend process and system improvements to the HHS program.
- Create relevant documentation for changes to the current security architecture and provide customer facing technical presentations as needed.
- Drive the capabilities and execution to effectively optimize and improve HHS security.
- Demonstrate expert level knowledge of security services and implementations.
- Provide technical oversight and direction to SOC personnel.
- Investigate, positively identify, and document anomalous events and incidents that are escalated by Tier 2 analysts.
- Conduct risk analysis and convert it into actionable monitoring recommendations to be conducted by the SOC.
- Recommend remediation and mitigation strategies and implementations based on the results of vulnerability assessments.
- Provide support for security incidents throughout the incident lifecycle as needed and make recommendations to ensure the County infrastructure is protected.
- Work with the SAIC SOC Program Manager to develop a metrics program to report on overall SOC performance and effectiveness.
- Effectively communicate to personnel at all levels from the Executive Office to the technician both verbally and in writing.
VENDORS/TOOLS/MANAGEMENT SYTEMS:- Splunk
- ServiceNow
- Palo Alto
- Archer
- Nessus
- Microsoft Exchange Online Protection
- CrowdStrike
- Trellix (NX/CM/AX)
- Cisco ISE
QualificationsREQUIRED QUALIFICATIONS & EXPERIENCE:- Bachelor's degree in computer science, Engineering, Information Technology, Cybersecurity or related field and a minimum of 5 years of experience. 7 years of experience is highly preferred. May consider an additional 4 years of experience in lieu of a degree.
- 3+ years of Cyber Security / SOC experience.
- Must be a US citizen with the ability to obtain a Public Trust.
- 2+ years of Team Leadership/Management experience.
- Demonstrated Experience with Risk Analysis.
- Demonstrated Experience Briefing Sr. Leaders.
DESIRED QUALIFICATIONS & EXPERIENCE:- Certified Information Systems Security Professional (CISSP).
- Experience in Information Assurance Policy and Guidelines.
- NIST Special Publication 800-53.
- NIST Cybersecurity Framework.
- ITIL® Foundation Level or higher Certification.
Location: While this role is primarily remote, there is a preference for someone to live within the DC Capitol Region to come onsite at times. 
