ISI Defense is seeking an experienced and proactive SOC Manager to lead the design, development, and daily operations of our Security Operations Center (SOC). A critical focus of this role includes integrating Digital Forensics and Incident Response (DFIR) capabilities and developing user and attacker behavior detection rules. The SOC Manager will oversee threat detection, response, and forensic investigations using SIEMs, DNS security solutions, SASE solutions and endpoint detection and response (EDR) tools. This position is vital to safeguarding ISI Defense’s infrastructure and client systems within the Defense Industrial Base, ensuring compliance with NIST SP 800-171, CMMC, and FedRAMP standards.
Duties/Responsibilities
Threat Detection and Incident Response:
- Oversee proactive threat-hunting initiatives using security monitoring platforms to detect advanced threats
- Coordinate and lead response efforts for security incidents, including containment, eradication, and detailed reporting
- Integrate behavioral analytics with real-time monitoring to enhance detection accuracy
Digital Forensics and Incident Response (DFIR):
- Establish and oversee DFIR protocols for investigating security incidents and preserving evidence
- Conduct and manage forensic investigations using digital forensic tools, documenting findings in detailed forensic reports
- Perform root cause analyses to strengthen organizational resilience and provide recommendations to prevent recurrence
Behavior Rule Development:
- Design, implement, and maintain user behavior analytics (UBA) and attacker behavior analytics (ABA) rules in SIEMs and other detection platforms to improve threat detection
- Develop advanced correlation rules to identify anomalies, insider threats, and external attacks
- Regularly refine and update behavior rules based on emerging threat intelligence and attack techniques
SOC Development and Management:
- Lead the design, implementation, and management of SOC operations with SIEM as the central platform
- Develop and optimize SOC workflows, playbooks, and processes, including DFIR integration
- Collaborate with IT, engineering, and compliance teams to align SOC capabilities with regulatory standards and organizational needs
Team Leadership and Development:
- Recruit, train, and manage SOC analysts and engineers, ensuring expertise in DFIR and behavioral analytics
- Provide ongoing training on relevant tools, techniques, and methodologies to ensure team readiness
- Establish clear goals, KPIs, and performance metrics for SOC staff
Compliance and Reporting:
- Ensure all SOC processes meet NIST SP 800-171, CMMC, and FedRAMP requirements
- Support audits with detailed documentation of SOC operations and incident investigations
Reporting and Communication:
- Prepare regular SOC performance reports and metrics for senior leadership, providing insights into SOC operations, incident trends, and the threat landscape
- Act as the primary point of contact for SOC-related inquiries, effectively communicating with stakeholders, clients, and executive leadership
Qualifications
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field; Master’s preferred
- 8+ years of experience in cybersecurity, including 3+ years in SOC or DFIR leadership
- GIAC Certified Forensic Analyst (GCFA), CySA+, or equivalent certifications
Preferred Qualifications
- CISSP, Certified Threat Intelligence Analyst (CTIA), GIAC Certified Incident Handler (GCIH), GIAC Security Operations Certified (GSOC), Splunk Core Certified User or Power User, CrowdStrike Certified Falcon Responder (CCFR), CrowdStrike Certified Falcon Hunter (CCFH)
What we offer
- The salary range for this role is $120,000-$142,000
- Hybrid work
- A competitive salary and benefits package
- A casual, friendly, and relaxed work environment
- Professional growth encouragement and support
Industrial Security Integrators, LLC (“IsI”) is an equal opportunity employer committed to affirmative action and diversity in the workplace. It is the policy of IsI to provide Equal Employment Opportunities (EEO) to Employees and Applicants, without regard to race, color, religion, sex, age, marital status, citizenship status, national origin, sexual orientation, gender identity, veteran status or disability or any other factor protected by law and to provide advancement opportunities for minorities, women, disabled individuals, and veterans. IsI is stronger and more effective when our workforce includes highly qualified individuals with diverse backgrounds, cultures, and traditions.