Contact Us | Falcon IT & Staffing Solutions

SOC Manager (Woodlawn MD)

Job Title
SOC Manager (Woodlawn MD)
Job ID
Woodland,  MD
Other Location

SOC Manager (Woodlawn MD)

Our client is a rapidly growing information security and information technology company in Washington, DC.   We are looking to hire an Information Security and Privacy SOC Manager to provide a full range of cybersecurity services on a long-term contract in Baltimore, MD. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.

***Active Secret Clearance Required***

Please send an update resume and target salary requirement.  We look forward to hearing from you!


Job Requirements:

  • 8 years of Information Technology experience, with at least 5 years of experience in information security working within security operations
  • Minimum experience of 5 years in SOC/CIRT with 3 - 5 years of specific experience in a leadership capacity
  • Excellent problem solving, critical thinking, and analytical skills with the ability to de-construct problems
  • Strong customer service skills and decision-making skills
  • Working knowledge of client infrastructure preferred
  • Career proven knowledge of log, network, and system forensic investigation techniques
  • Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
  • Significant experience with host and network analysis
  • Experience with reading malware analysis reports
  • Knowledge of diverse operating systems, networking protocols, systems administration and security technologies
  • Intelligence driven defense utilizing the Cyber Kill Chain (CKC) and MITRE ATT&CK
  • Significant experience monitoring threats via a SIEM console
  • Candidate must have familiarity with US-CERT Federal Incident Notification Guidelines
  • Splunk, RSA Security Analytics, and Akamai WAF experience preferred
  • Working knowledge of CrowdStrike, TrendMicro, and McAfee host-based solutions


Personal Attributes:

  • Strong sense of professionalism and ethics
  • Actively seeks to enhance the group through the sharing of knowledge
  • Acts with integrity and communicates honestly and openly
  • Ability to build rapport and cooperation among teams and internal stakeholders
  • Respects others and demonstrates fair treatment to all
  • Methodical and detail oriented
  • Self-motivated


  • Bachelor's degree in Computer Science or related field or equivalent work experience

Desirable Certification(s):

  • CompTIA Network + and Security +
  • EC Council Certified Ethical Hacker (CEH)
  • Formal IT Security/Network Certification such as SANS GIAC Certified Intrusion Analyst (GCIA), SANS GIAC Network Forensic Analyst (GNFA), or SANS GIAC Certified Incident Handler (GCIH)
  • Certified Information Systems Security Professional (CISSP)


Additional Experience Preferred:

  • Experience at the Centers for Medicare and Medicaid Services (CMS) or U.S. Department of Health and Human Services (HHS)
  • Previous SOC/CIRT experience at a federal agency similar in size, scope, and complexity
  • Experience with NIST  800-61 Rev 2 and responding to incidents while following the Incident Life Cycle
  • Experience in Security threats and vulnerabilities
  • Experience in Security technologies and countermeasures
  • Experience in TCP/IP networking concepts
  • Experience in Firewall technologies
  • Experience in IDS/IPS (Network and Host based)
  • Experience in Windows and UNIX/Linux operating environments
  • Experience examining memory and host-based logs


Position Responsibilities:

  • Work closely with the SOC Manager and provide coverage where appropriate
  • Must possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems
  • Must have demonstrated experience with managing and ensuring the timely response and investigations of security events and incidents by the Security Operations Center (SOC)
  • Must possess a working knowledge of regulatory security compliance requirements
  • Familiarity with White House Executive Orders (OE) on improving the Nation’s Cybersecurity and subsequent Office of Management and Budget (OMB) memorandums
  • Familiarity with FISMA monitoring and reporting requirements
  • Must have experience with conceptualizing, developing, publishing and communicating status reports for executive leadership
  • Work closely with client CISO and cybersecurity leadership to identify implement process changes, improvements and efficiencies, and ensure solid security practices
  • Develop and administer SOC processes and review their application to ensure that SOC’s controls, policies, and procedures are operating effectively
  • Establish and maintain excellent working relationships/partnerships with the cybersecurity and infrastructure support teams throughout the Information Technology organization, as well as business units
  • Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence
  • Execute security operations processes, identify and measure critical security operations metrics, and continually improve the efficiency and effectiveness of all core services in scope
  • Manage and develop SOC team members, including mentoring and capability/skill development.
  • Provide a framework for team members to be successful in achieving team goals and individual performance objectives
  • Provide security expertise to the SOC team leveraging industry leading practices
  • Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
  • Recommends implementation of countermeasures or mitigating controls
  • Resolve or coordinate the resolution of cybersecurity events/incidents
  • Participate in root cause analysis or lessons learned sessions
  • Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
  • Must have experience with creating and maintaining shift schedules to ensure 24x7 coverage by operations support personnel

Option 1: Create a New Profile