SOC Chief

ECS is seeking a Senior SOC Chief to work On-Site in Portland, OR.   Please Note: This position is contingent upon contract award.

ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a Senior Security Operation Center (SOC) Manager to provide a full range of cybersecurity services on a long-term contract in Portland. The position is full time/permanent and will provide 24x7x365 support for a US Government civilian agency. 

Responsibilities:

• Ensure the timeliness and quality of deliverables so that all information and data are accurate and complete.
• Lead Information Security GAP Analysis review.
• Perform administrative functions such as reviewing performance and operations to ensure appropriate performance.
• Ensure effective coordination, collaboration, and communication with federal personnel.
• Serve as the primary incident commander for all cybersecurity incidents.
• Must possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems.
• Must have demonstrated experience with managing and ensuring the timely response and investigations of security events and incidents by the Security Operations Center (SOC).
• Have demonstrated experience with developing and facilitating cybersecurity tabletop exercises for technical and non-technical personnel
• Must possess a working knowledge of regulatory security compliance requirements.
• Familiarity with White House Executive Orders (OE) on improving the Nation’s Cybersecurity and subsequent Office of Management and Budget (OMB) memorandums.
• Familiarity with FISMA monitoring and reporting requirements.
• Must have experience with conceptualizing, developing, publishing and communicating status reports for executive leadership.
• Work closely with client CISO and cybersecurity leadership to identify implement process changes, improvements and efficiencies, and ensure solid security practices.
• Develop and administer SOC processes and review their application to ensure that SOC’s controls, policies, and procedures are operating effectively.
• Establish and maintain excellent working relationships/partnerships with the cybersecurity and infrastructure support teams throughout the Information Technology organization, as well as business units.
• Play a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellence.
• Execute security operations processes, identify and measure critical security operations metrics, and continually improve the efficiency and effectiveness of all core services in scope
• Manage and develop SOC team members, including mentoring, task management, and capability/skill development.
• Provide a framework for team members to be successful in achieving team goals and individual performance objectives

• 6+ years of experience in SOC operations and incident response including SOC and Task Management.
• Significant experience monitoring threats via a SIEM console
• Extensive working knowledge of NIST SP 800-53 Rev. 5, 800-37, 800-171, FedRAMP, FISMA, and NIST AI RMF standards.
• Experience implementing or aligning with recognized cybersecurity frameworks such as CIS Controls.
• Demonstrated experience with SIEM platforms (e.g., Splunk/ESS), threat detection and hunting, digital forensics, and cloud security operations.
• Experience with maturing and optimizing SOCs
• Experience with utilizing Cyber Threat Intelligence to enhance security operations, and threat detections and response
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• CISSP Certification or comparable relevant training and certifications
• Bachelor’s Degree in computer science or related field or equivalent work experience (10 yrs of experience for HS Diploma, 8 years of experience for Associated)
• Clearance: Public Trust with eligibility to obtain and maintain a DOE “L” Level or DOE “Secret” clearance.