SOC LEAD

NorthHill Technology Resources has an immediate need for a SOC Lead for a newly awarded program with the Department of State.  This is an excellent opportunity to join a growing Federal Integrator.  Qualified applicants must be US Citizens with a current active Secret Clearance.

Job Overview
The (Security Operations Center) SOC lead will manage a team of 9-10 SOC analysts utilizing a 24x7x365 schedule. The lead will be expected to provide expert technical knowledge to the analysts as well as take part in planning and handling day to day operations.  The SOC lead will be accountable for the shift supervision, coordination, training, and oversight over assigned staff and daily activity.

Position Requirements 

• Lead and manage Security Operations Center
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
• Experience in threat management
• Excellent communication and leadership skills. Good Analytical skills, Problem solving and Interpersonal skills.
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
• Ability to create repeatable processes, escalation instructions and work scripts as needed for shift agents.
• Creation of reports, dashboards, metrics for SOC operations and presentation to Sr. Mgmt.
• Responsible for integration of standard and non-standard logs in SIEM
• Digital Forensics and Analytics including the ability to search across logs on different applications and systems in different time periods based on specific criteria.
• Using Open Source Intelligence Threat (OSINT) monitoring and collecting information from public sources as well as interagency intelligence employing long-term storage of historical data to facilitate correlation of data over time and to provide the retention necessary for compliance requirements.
• Support the implementation, configuration, and administration of the SIEM processes and tools.
• Create queries, dashboards, and visualizations to support customer requirements and monitoring of the Splunk deployment. 
• Define protocols and maturing “playbooks” of operational response to cyber threats.
• Provide teaching / mentoring to SOC Tier 1/2/3 Analysts, including incident response functions

• Bachelor’s degree with 5-8 years of professional experience or experience and certifications in lieu of
• 5-8 years of Cybersecurity, Continuous Monitoring and SOC Operations experience
• 3-4 years of SOC Tier III Level Incident Response Experience
• Supervisory and operational experience in 24x7 environment.
• At least one of the following certifications is required (two or more are preferred): CCNP-S, CCSP, CISSP, CEH, Splunk Foundation Part 1&2, Splunk Core Certified Power User
• Splunk background preferred

• Must have a strong leadership background with the ability to bridge the gap between technical knowledge and supervisory responsibilities.

NorthHill Technology Resources is an Information Technology Services and Human Capital firm headquartered in Arlington VA.  Our mission is to provide exceptional technology talent to both Federal and Commercial clients in the areas of Cyber Security, Technology Infrastructure, Application Development, Database Administration, Software Test, Project Management and other critical technology areas.  Our current Federal clients include Homeland Security, DOD, DHA,  and GSA.  We also provide services to commercial clients including Law Firms, Banks and Financial Institutions, and Healthcare Organizations..  NorthHill’s proven recruiting methodology and flexible engagement model ensures successful delivery with competitive pricing.

NorthHill is a registered small business incorporated in Virginia in 2018.  Our CEO and Founder Mark Nugent has over 25 years of leadership in the IT Services arena.