SOC Technical Lead

Active Top Secret security clearance is required, and Top Secret – Sensitive Compartmented Information (TS/SCI) Eligible (DIA Adjudicated or capable of reciprocal acceptance by DIA)
Bachelor’s degree and 12+ years of prior IT experience. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
5+ years of intrusion detection and/or incident handling experience.
DoD 8570 IAT III and CSSP Infrastructure Support certifications required prior to starting
Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope.
Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and test management and operations.
Demonstrated advanced knowledge of industry accepted standards.
Demonstrate experience with researching and fielding new and innovative technology;
Demonstrate advanced experience in configuring cybersecurity tools to feed events, alerts, and logs to SIEM technologies.
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic finding.
Strong analytical and troubleshooting skills.

Conduct annual performance assessments to include periodic check ins.
Validate/approve time charging for both Leidos and vendor personnel.
Provide coaching/mentoring to personnel.
Develop and Execute Continual Service Improvement technical strategies to modify and enhance operational processes and impact strategic project/program goals and business results.
Provide technical leadership to JSP DCO Security Operations Center
Drive implementation and adoption of new tools, capabilities, frameworks, and methodologies across all teams within the SOC
Provide technical guidance and support to SOC lead
Work with Security Infrastructure team to address issues with SOC tools and data feeds
Identify and offer solutions to gaps in capabilities and visibility
Promote and drive implementation of automation and process efficiencies.

Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
Experience implementing automation to reduce mundane tasks and expedite processes.
Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.