Cybersecurity Operations Technical Manager

Position Title: Cybersecurity Operations Technical Manager (SOC Engineer/SME)

Location: On Site - Washington, D.C.

 Clearance Required: Public Trust 

Cybervance is a rapidly growing information security and information technology company in Washington, D.C., and we are an equal opportunity employer that designs, develops, and manages the successful execution of training programs for government and private sector organizations. Cybervance believes in creating innovative solutions to deliver measured results.

Cybervance is seeking a highly experienced Cybersecurity Operations Technical Lead (SOC Engineer/SME) to provide technical leadership, subject matter expertise, and hands-on support for a diverse, mission-critical security operations environment. 

The ideal candidate will bring deep operational expertise in SOC engineering and security technologies, proven leadership of local and remote teams, and the ability to effectively communicate with both technical stakeholders and senior executives. This individual will be instrumental in leading technical operations, tuning and maintaining advanced security capabilities, and driving process improvements to enhance the overall effectiveness of cybersecurity operations. 

Responsibilities:

•Serve as the technical lead and subject matter expert for Security Operations Center (SOC)capabilities, providing expert-level support and guidance to analysts and engineers.

•Manage and lead local and geographically dispersed teams in an operational environment,ensuring efficient collaboration and mission success.

•Implement, tune, operate, and maintain a wide range of security operations capabilities, including:

• Firewalls, VPNs, IDS/IPS

• SIEM platforms

• Endpoint Detection and Response (EDR)

• Network Detection and Response (NDR)

• Anti-Virus (A/V), Email Content Filtering, and Web Content Filtering solutions

• Virtualization and related technologies

•Provide hands-on expertise in incident detection, response, and escalation processes.

•Collaborate with senior executives, managers, and stakeholders, serving as an authoritative technical resource and trusted advisor.

•Ensure operational excellence across complex, geographically dispersed environments, adapting leadership style to diverse team dynamics.

• Apply advanced coding and scripting skills to automate SOC processes, integrate tools, and enhance detection and response capabilities.

• Develop and maintain technical documentation, standard operating procedures (SOPs), and playbooks for security operations.

• Mentor and coach junior staff, fostering a culture of continuous learning and operational excellence.

• Drive improvements in SOC effectiveness through proactive threat hunting, tool optimization, and alignment with industry best practices.

Required Skills and Experience:

• 8+ years of experience in cybersecurity operations, including implementing, tuning, maintaining, and operating core SOC security technologies.

• 5+ years of experience with coding and scripting languages (e.g., JSON, Java, JavaScript, Python, SQL, PowerShell, PHP, C, C++).

• Proven experience managing and leading successful teams in both local and remote/virtual environments.

• Demonstrated ability to interact confidently and authoritatively with senior executives, managers, and technical subject matter experts.

• Strong ability to navigate and work effectively across complex, geographically dispersed teams.

• Excellent analytical, problem-solving, organizational, and time management skills.
• Strong interpersonal, verbal, and written communication skills, with the ability to present complex technical concepts to diverse audiences.

• In-depth knowledge of SOC engineering principles, cybersecurity technologies, and operational processes.

Education and Certifications:

• Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field required.
• CISSP, CEH, or similar-level certification required.
• Additional certifications such as CISM, GIAC, or vendor-specific credentials (e.g., Splunk, Palo Alto, Cisco, Microsoft) are highly desirable.