Security Operations Center (SOC) Manager 

Organization: Department of Education
Location: Washington, DC

Terms: Full Time Employment
Salary: Based on experience, education and certification
Clearance: Top Secret / Agency Public Trust

Job Description

The Department of Education (DoED) Security Operations Center (SOC) is a US Government program responsible for monitoring, detecting, analyzing, mitigating, and responding to cyber threats against Department assets, networks, and information. The environment includes local area networks/wide area networks (LAN/WAN), commercial Internet connections, public-facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.

Duties include:

  • Lead and manage a 24x7x365 Security Operations Center providing technical oversight.
  • Lead staff to proactively identify, prevent and respond to security incidents.
  • Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
  • Ensure compliance with Service Level Agreements (SLAs), process adherence and process improvement to achieve operational objectives and mitigate threats.
  • Revise and develop processes to strengthen current operational activities; review policies and recommend changes to improve governance.
  • Responsible for team management, personnel scheduling, overall use of resources and initiation of corrective action where required for the Security Operations Center.
  • Manage, administer and maintain security devices under the purview of the Department of Education.
  • Perform threat management and threat modeling, identify threat vectors and develop use cases for security monitoring.
  • Responsible for integration of standard and non-standard logs into the SIEM.
  • Create reports, dashboards and metrics for SOC operations and present them to the client.
  • Coordinate with stakeholders to build and maintain positive working relationships; this includes subordinate SOCs supporting the organization.

Required Education and Skills

Desired Skills and Certifications

  • Bachelor of Science from accredited institution.
  • Strong knowledge of incident management, problem management and change management best practices.
  • Superior communication skills and ability to brief senior government officials.
  • 3+ years of Information Security / Cybersecurity experience.
  • 2+ years working in a security or network operations center.
  • 2+ years in a leadership role.
  • Experience with networking and telecommunications integration, design and architecture.
  • Hold at least one relevant industry certification (GCIH, GCED, CISSP, CISA, CISM, etc.).
  • Understanding of SIEM tools such as Splunk, ArcSight, RSA, McAfee ePO, etc.
  • Experience building and maintaining a high-performing team of analysts.
  • Expertise with industry standard frameworks (ISO, NIST, PCI).
  • Experience maintaining metrics and SLAs.