Security Lead
This person will be intellectually curious, with a relentless desire to learn the latest modern security operations controls for cloud (Azure/AWS) infrastructure platforms.
Lead, mentor, and develop a high-performing Security Operations (SOC) team, ensuring 24/7 coverage and rapid incident response capabilities.
Develop and maintain SOC policies, procedures, and playbooks to improve operational effectiveness and streamline response workflows.
Conduct regular SOC maturity assessments and implement improvements to maintain cutting-edge operational standards.
Oversee threat monitoring, detection, and response efforts, ensuring timely identification, containment, and remediation of cyber incidents.
Continuously improve threat detection capabilities through the optimization of security tools, such as SIEM (Datadog, MS Defender), EDR, and threat intelligence platforms.
Collaborate with security engineering and IT teams to ensure effective integration and configuration of SOC technologies, including IDS/IPS, firewalls, SIEM, and vulnerability management tools.
Maintain a comprehensive understanding of regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS) and industry standards (e.g., ISO 27001, NIST).
Lead regular SOC2 / ISO audits to ensure adherence to compliance standards and support audits by external bodies as necessary.
Drive continuous improvement of SOC staff skills and knowledge through training, exercises, and industry certification support.
Collaborate with other security functions, such as GRC (Governance, Risk, and Compliance), security architecture, and vulnerability management, to foster a cohesive security program.
Participate in project and scrum planning and prioritization.
Manage and implement periodic KPI reporting on platform performance, availability, and efficiency.
Requirements
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). A Master’s degree is a plus.
Minimum of 10 years of experience in information security, with at least 5 years in a SOC or security operations management role.
Demonstrated experience in managing and developing SOC teams, including threat detection, incident response, and vulnerability management.
Expertise in using and managing security tools (SIEM, EDR, IDS/IPS, firewalls) and threat intelligence platforms; experience with Datadog and Microsoft Defender is preferred.
Familiarity with cloud security (AWS, Azure, or GCP) and Kubernetes is preferred.
Fundamental understanding of basic networking concepts, including VPN, DNS, routing, firewalls, and load balancing.
Must have a passion for learning and a strong desire to understand enterprise architecture and infrastructure design fundamentals.
Working knowledge of security concepts, including access control, directory services, and authentication/integration (OAuth, SAML, and OpenID).
Strong problem-solving skills, attention to detail, and self-learning initiative.
CISSP, CISM, or CISA; additional certifications in SOC operations or incident response (e.g., GCIA, GCIH, CSIRT).