Security Operations Center (SOC) Manager - Active Top Secret Clearance

Location: Washington, DC, United States
Security Clearance: Active TS required, with ability to obtain and maintain
Work Arrangement: On-Site

Our Client is seeking a Security Operations Center (SOC) Manager to oversee enterprise-level SOC operations, incident response, and cybersecurity engineering activities. This leadership role is mission-critical in safeguarding sensitive government systems against cyber threats, ensuring continuous monitoring, timely detection, and effective response to incidents. The SOC Manager will direct SOC operations, serve as the Incident Response Commander during cyber events, and guide infrastructure security engineering efforts across complex, large-scale federal environments.

Key Responsibilities

• Lead day-to-day SOC operations, managing teams of analysts, engineers, and incident responders.
• Serve as Incident Response Commander during critical events, ensuring effective triage, containment, eradication, and recovery.
• Develop and enforce SOC policies, playbooks, and runbooks for threat detection, escalation, and response.
• Oversee implementation and sustainment of secure cyber infrastructures supporting government contracts.
• Provide expert guidance in risk assessments, vulnerability management, and remediation strategies.
• Direct application of security engineering principles across system architecture, development, and deployment.
• Ensure compliance with the NICE Work Role Framework, specifically:
• Incident Response (PD-WRL-003)
• Insider Threat Analysis (PD-WRL-005)
• Threat Analysis (PD-WRL-006)
• Prepare technical documentation, safety cases, and reports to support government security approvals.
• Communicate findings and recommendations effectively to senior leadership, government stakeholders, and cross-disciplinary teams.

Certifications (must hold at least one in each category):

• CISSP (Certified Information Systems Security Professional) or GIAC Incident Response (GCIH/GCIR)
• CISM (Certified Information Security Manager) or GIAC Security Operations Center (GSOC)
• Microsoft Certified Security Operations Analyst Associate
• Microsoft Certified Security Architect Expert or GIAC Security Expert (GSE)

Education & Experience:

• Minimum 7+ years of experience in SOC operations, incident response, and cybersecurity engineering, including SOC management and IR commander responsibilities.
• Proven experience leading enterprise-scale cybersecurity operations for government or defense programs.

Security Clearance:

• Active TS clearance required at time of hire, with ability to maintain.

Desired Skills & Attributes:

• Possess the knowledge, skills, tasks, and capabilities described in the NICE Work Roles for Incident Response (PD-WRL-003), Insider Threat Analysis (PD-WRL-005), and Threat Analysis (PD-WRL-006) as outlined in the NICE Work Role Framework.
• Strong leadership and team-building skills, with ability to perform under pressure in mission-critical environments.
• Expertise in cyber defense frameworks, SOC operations, and security engineering best practices.
• Ability to translate complex technical data into actionable recommendations for senior leadership.
• Strong communication and interpersonal skills across multidisciplinary teams.
• In-depth knowledge of insider threats, advanced persistent threats (APT), and nation-state adversary tactics.

Salary: $150,000/yr. – $180,000/yr.

Health, Dental, and Vision Insurance