Company hidden
4 hours ago

SOC Manager (Cybersecurity)

Work format: hybrid
Employment type: fulltime
Grade: lead
English: b2
Country: US

Job description

TL;DR

SOC Manager (Cybersecurity): Providing operational leadership and management oversight for 24x7x365 SOC operations supporting Judiciary cybersecurity activities, with an emphasis on cybersecurity triage, incident response, containment, remediation, recovery, and post-incident review activities. Focus on ensuring operational compliance with NIST SP 800-53, NIST SP 800-61, NIST Cybersecurity Framework (CSF) 2.0, and ITIL v4 principles.

Location: Hybrid, onsite in Washington, DC. Requires an active Public Trust clearance.

Company

hirify.global seeks to add a SOC Manager to their program supporting the Administrative Office of the United States Courts (AOUSC).

What you will do

  • Provide operational leadership and management oversight for 24x7x365 SOC operations supporting Judiciary cybersecurity activities.
  • Manage cybersecurity triage, incident response, containment, remediation, recovery, and post-incident review activities.
  • Oversee alert triage activities utilizing Splunk Enterprise Security, Microsoft Sentinel, ServiceNow, Jira, and other approved Government systems.
  • Manage SOC analysts, incident responders, and forensic personnel to ensure staffing coverage, operational readiness, and quality performance.
  • Coordinate with AO leadership, federal staff, watch officers, branch chiefs, and stakeholders regarding cybersecurity incidents, operational risks, and emerging threats.
  • Support continuous improvement initiatives by identifying detection gaps, process inefficiencies, workflow improvements, and operational enhancements.

Requirements

  • Active Public Trust clearance
  • B.S. Computer Science, Information Technology, or a related field
  • 7+ years’ experience in an active incident responder position; two (2) years of recent (within the last five (5) years) experience providing technical direction to a SOC (over 5,000 endpoints).
  • 2+ years of experience implementing IR in a federal environment in accordance with federal incident handling guidelines as specified in NIST CSWP-29: CSF, and NIST SP-800-61 Computer Security Incident Handling Guide.
  • 2+ years of experience using Splunk SIEM to correlate cybersecurity alerts.
  • 3+ years’ experience in auditing using operating systems (Linux and Windows) to perform cybersecurity services.
  • Active SANS GCIH or GCIA certification

Culture & Benefits

  • Support enterprise security awareness reporting and development of operational KPIs.
  • Support transition-in and transition-out activities including onboarding, operational readiness, training, and knowledge transfer.
  • Provide executive-level and technical-level cybersecurity briefings, reports, and presentations.
