Назад
Company hidden
10 часов назад

SOC Operations Lead / Managed Detection & Response (MDR) Lead (Cybersecurity)

Тип работы
fulltime
Грейд
lead
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

SOC Operations Lead / Managed Detection & Response (MDR) Lead (Cybersecurity): Overseeing 24x7x365 SOC and MDR operations for a large federal enterprise environment with an accent on security monitoring, incident analysis, and operational improvement. Focus on managing SIEM/EDR platforms, developing SOC playbooks, and briefing executive leadership on cyber threats.

Location: Washington, DC (USA)

Company

hirify.global provides specialized cybersecurity and software services for federal enterprise environments.

What you will do

  • Oversee 24x7x365 SOC and MDR operations supporting on-premises and cloud environments for a large federal enterprise.
  • Direct analyst teams utilizing Splunk, Microsoft Sentinel, CrowdStrike, and cloud telemetry platforms.
  • Develop and maintain SOC SOPs, playbooks, runbooks, and escalation matrices.
  • Lead operational metrics reporting, focusing on MTTD, MTTR, false positive rates, and automation effectiveness.
  • Coordinate closely with Threat Hunting, CTI, Detection Engineering, and Incident Response teams.
  • Brief executives and government leadership on significant incidents, operational trends, and emerging threats.

Requirements

  • 10+ years of cybersecurity operations experience.
  • 5+ years leading enterprise SOC or MDR environments.
  • Experience supporting federal civilian or DoD environments.
  • Experience managing SOC operations for environments with 10,000+ users and large SIEM deployments.
  • Proficiency with Splunk Enterprise Security, Microsoft Sentinel, CrowdStrike, and SOAR technologies.
  • Deep understanding of MITRE ATT&CK, incident response, and threat-informed defense.

Nice to have

  • Certifications: CISSP, GCIA, GCIH, GMON, or GSOC.
  • Splunk Architect/Admin certifications.
  • Microsoft Security certifications.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →