SOC Manager (Remote-USA)

Job Description

The FireEye Consulting team is seeking a passionate and highly skilled SOC Manager to support a critical customer mission! The SOC Manager will frequently interface with the government SOC leadership and security staff from other vendors. This person shall be knowledgeable in establishing and running SOC operations, as well as handling security events from start to closure. The SOC Manager will advise and assist government leadership with developing policies, procedures, and building the team. They will also ensure security events are understood and should have the ability to perform analysis on events to determine their impact on the Customer’s Enterprise. The SOC Manager shall be able to competently operate and advise leadership on any security tools being used.

If you are fanatical about security, will do whatever it takes to keep the bad guys out, enjoy hunting for attackers, thrive on responding to security incidents and interested in designing creative solutions to enhance our client’s security posture then we want to hear from you!

• Provide strong leadership and guidance in a Security Operations Center
• Lead process design, improvement, and updates to standard operating procedures
• Provide recommendations to SOC leadership on workflows and team structure
• Brief SOC leadership on cyber security events and other incident related issues
• Provide expert independent services and leadership in specialized technical areas
• Advise SOC leadership and oversee team regarding state-of-the-art software/hardware
• Ensure problems are clearly defined and devise solutions to satisfy Government requirements

• Please note that this position is remote with occasional TDY to Orlando, FL (anticipated 15% Travel)

Qualifications

• Bachelor’s degree in a technical discipline (or a degree + relevant work experience)
• Minimum 6 years of cyber security operations experience, 8 years of overall experience
• Experience leading SOC teams and ability to make decisions on remediation and counter measures
• Ability to develop policy, procedures, and guidance on all aspects of SOC operations from technology to staff
• Knowledge of Packet Analysis, exploits within network traffic, intrusion detection, root kits, and various malware
• Experience with security event analysis, incident response, computer forensics, and malware analysis, or other
• Ability to support Elastic SIEM, F5, Suricata, Splunk, Novetta Cyber Analytics, Snort IDS, and Bro IDS
• Fundamental understanding of network protocols and TCP/IP, Unix, and Windows operating systems
• Awareness of popular attack tools (e.g., Zeus, Blackhole, Slowloris, LOIC, Cryptolocker, Pony Loader, etc.)
• Familiarity with tradecraft used by APT groups, nation-state, and non-state actors
• Ability to communicate effectively the actual status of an incident, attack, or other cyber issue
• Excellent communication, presentation, and written skills, as well as prior interaction with C-level executives
• Strong leadership skills with the ability to prioritize and execute in a methodical and disciplined manner
• Ability to set and manage expectations with senior stakeholders and team members

• IAT I or II level certification (Security+, CEH, GIAC GCIA, GCIH, or CISSP)
• Experience with STIGs, NIST, and CMMC
• Familiarity with managing administrative abuses
• Understanding of governmentcompliance Risk Management Framework
• Clearance suitability

Additional Information

At FireEye we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.