SOC Manager
Job Description
Text SOCPRO to 202-915-6172 to apply!
Since 2009, MindPoint Group has been the cybersecurity firm of choice for the most security-conscious US federal agencies and commercial enterprises.
We're proud to be one of Inc. 5000's fastest-growing companies in the country. With several 'Best Places to Work' awards under our belts, we have a diverse employee-focused culture, accessibility, and communication between all levels and departments, and over 4 stars in reviews on Glassdoor.
Come be a part of what we're building. We use our award-winning recruitment process to seek the most skilled, experienced, and driven information security consulting experts in the industry, while simultaneously empowering applicants to determine if MindPoint Group is the right fit for them. We are profoundly invested in selecting the right people to join our team and are equally driven to expand and develop careers long-term.
With positions throughout the US, a role at MindPoint Group promises you:
- An opportunity to work within one of the most diverse DC-based organizations
- Generous tuition and professional development reimbursements
- Mentorship opportunities with leaders focused on your growth
- Competitive benefits like 401k matching, 11 federal holidays, etc.
- And more!
Job Description
This role is contingent upon award. MindPoint Group is seeking a Senior-level SOC professional to oversee a team supporting one of our clients.
What you get to do every day:
- Oversee the SOC and coordinate all activities
- Manage technical delivery and continual process and procedure improvement to drive operational excellence
- Develop workflows and integration points across all SOC teams
- Develop and execute transition plans, both incoming and outgoing
- Coordinate with third-party vendors and partners to ensure effective operational delivery of services and technologies
- Supervise the development of detection use cases based on available log sources
- Serve as technical expert and liaison to law enforcement personnel and explain incident details as needed
- Coordinate with intelligence analysts to correlate threat assessment data
- Write and publish after-action reviews
- Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
- Plan and recommend security modifications or adjustments based on exercise results or system environment
- Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan
- Analyze and report on security posture trends
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities
- Work with stakeholders to resolve computer security incidents and vulnerability compliance
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans
- Document and escalate incidents (including the event's history, status, and potential impact for further action) that may cause an ongoing and immediate impact on the environment
- Perform cyber defense trend analysis and reporting
- Provide daily summary reports of network events and activity relevant to cyber defense practices
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity, weaknesses exploited, exploitation methods, and effects on systems and information
- Determine tactics, techniques, and procedures (TTPs) for intrusion sets
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)
- Assist in the construction of signatures that can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave
- Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain the currency of cyber defense threat conditions and determine which security issues may have an impact on the enterprise
Qualifications
**US Citizenship, Public Trust eligibility required**
What skills are required?
- Bachelor's degree or equivalent experience
- Minimum ten (10) years of relevant work experience, which includes at least three (3) years of experience managing a SOC team, with a preference for experience running a combined on-premises/cloud SOC
- Five years of experience in cybersecurity incident response in one or more single environments with 50,000+ endpoints, with duties that include all five portions of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (Identify, Protect, Detect, Respond, and Recover)
- Mature understanding of industry-accepted standards for incident response actions and best practices related to SOC operations (e.g., OMB M-19-02; NIST Cybersecurity Framework, US-CERT Federal Incident Notification Guidelines, etc.)
- Advanced knowledge and experience in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a large and complex Enterprise
- Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) leading a Computer Incident Response organization including prior experience performing large-scale incident response
- Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings
- Strong analytical and troubleshooting skills
- Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities
- Deep technical understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
- Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments
- Deep understanding of and experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework
What is ideal?
- PMP Certification
- CISSP certification
Additional Information
- All your information will be kept confidential according to EEO guidelines.
- Highlights of our benefits include Health/Dental/Vision, 401(k) match, Flexible Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, maternity/paternity leave, mobile phone stipend, pre-tax commuter benefits, the opportunity to participate in our mentorship program, and more!
- MindPoint is committed to maintaining a diverse environment. All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.
Job applicants who are interested in one of our openings and may require a reasonable accommodation to participate in the job application or interview process should contact us to request an accommodation.
Are you interested in a posted job opportunity but may not check all of the "boxes" for desired qualifications? If so, we encourage you to apply! Our commitment to sustain and champion an inclusive and dynamic community of employees is a high priority!
Date Posted
03/08/2024