SOC Operations Lead / Managed Detection & Response (MDR) Lead (Cybersecurity)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
SOC Operations Lead / Managed Detection & Response (MDR) Lead (Cybersecurity): Overseeing 24x7x365 SOC and MDR operations for a large federal enterprise environment with an accent on security monitoring, incident analysis, and operational improvement. Focus on managing SIEM/EDR platforms, developing SOC playbooks, and briefing executive leadership on cyber threats.
Location: Washington, DC (USA)
Company
provides specialized cybersecurity and software services for federal enterprise environments.
What you will do
- Oversee 24x7x365 SOC and MDR operations supporting on-premises and cloud environments for a large federal enterprise.
- Direct analyst teams utilizing Splunk, Microsoft Sentinel, CrowdStrike, and cloud telemetry platforms.
- Develop and maintain SOC SOPs, playbooks, runbooks, and escalation matrices.
- Lead operational metrics reporting, focusing on MTTD, MTTR, false positive rates, and automation effectiveness.
- Coordinate closely with Threat Hunting, CTI, Detection Engineering, and Incident Response teams.
- Brief executives and government leadership on significant incidents, operational trends, and emerging threats.
Requirements
- 10+ years of cybersecurity operations experience.
- 5+ years leading enterprise SOC or MDR environments.
- Experience supporting federal civilian or DoD environments.
- Experience managing SOC operations for environments with 10,000+ users and large SIEM deployments.
- Proficiency with Splunk Enterprise Security, Microsoft Sentinel, CrowdStrike, and SOAR technologies.
- Deep understanding of MITRE ATT&CK, incident response, and threat-informed defense.
Nice to have
- Certifications: CISSP, GCIA, GCIH, GMON, or GSOC.
- Splunk Architect/Admin certifications.
- Microsoft Security certifications.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →