Security Operations Center Lead with Security Clearance - Sterling, VA, United States - V2X

Description

Job Description Overview Vectrus is seeking a Security Operations Center Lead to support a U.S
Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment; including introducing new cyber capabilities to address emerging threats
The Development SOC Lead will lead a team of Cyber Security Engineers/Analyst in security monitoring, capacity planning, systems engineering, cloud infrastructure security engineering, and incident handling and response
The team's primary mission is to manage and evolve SOC and incident response activities while supporting the development environments
The services include IDS/IPS, SIEM, NetWitness, EDR solutions and native Cloud logs and security compliance and Incident Response applications
Responsibilities Plans, directs, and coordinates the Security Operations Center for the program
Work closely with technical leadership (government / program / management) Develop and present performance reports and metrics Develop and meet performance management requirements Provide technical leadership for an engineering team to evolve the SOC and integrate activities with teams of cloud security specialists
Consult with cloud team and leadership to set the direction for security monitoring and threat detection
Ensure the successful integration of cloud logging and security monitoring services with SIEM
Direct the development and implementation of rules/signatures in SIEM, and other monitoring platforms, to detect and alert on suspicious activity in Raytheon's public cloud environments
Direct the deployment and management of cloud logging and security monitoring services for AWS and Azure Cloud environments
Provide guidance and direction on operations for cloud-based Cyber Defense systems and services Support cloud-related service migrations to AWS or Azure
Provide guidance on system administration of Cloud based automation tools
Assist in testing and evaluation of new cloud services
Direct a team on Incident Response / security investigations in hybrid cloud and on-premise environments
Ensures proper implementation of required government policy (i.e.

, NISPOM, DCID 6/3, ICD, NIST) and others leading team to ensure compliance across all activities Qualifications Minimum Qualifications:
Active Secret clearance
Must be able to obtain a TS/SCI clearance Must be able to obtain DHS Suitability 10 years of experience engineering, operating, and managing layered security and SIEM integration for on premise or cloud/private cloud environments 5+ years of Tier 3 incident handler experience in cloud and/or on-premise environment 2+ years management in SOC environments in both personnel and technology to include all aspects of personnel management including hiring, performance management, training/compliance, annual salary planning and all other dimensions
Minimum 3 years of professional experience working with AWS or Azure infrastructure, services in a security focused role
Advanced knowledge of AWS & Azure architectural concepts
Experience engineering, operating, and managing layered security and SIEM integration Demonstrated experience handling incidents across multiple operating systems Excellent written and oral communication skills Education / Certifications: A bachelor's degree in systems engineering, a related specialized area or field
Two years of related work experience may be substituted for each year of degree level education

Desired Certifications:

GIAC CISSP

Desired Skills:
Information Security and IT certifications: Cisco, Red Hat, AWS, etc
Experience administering cyber security tools such as Firewalls, SIEM, and PCAP Experience with security log analysis

Experience working on a Computer Incident Response Team (CIRT) Previous experience working in a Security Operations Center (SOC) Virtualization technologies, e.

g
VMWare, HyperV, etc
Automation and IaC tooling, e.g
Ansible, Terraform, etc
Scripting in Python or Perl "Big Data" Analysis systems, e.g
Splunk, ELK, etc
Understanding of Project Management and SDLC methodologies, especially Agile
Experience with CNAPP We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual
This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace
Vectrus is an Equal Opportunity /Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability
EOE/Minority/Female/Disabled/Veteran
Responsibilities Plans, directs, and coordinates the Security Operations Center for the program
Work closely with technical leadership (government / program / management) Develop and present performance reports and metrics Develop and meet performance management requirements Provide technical leadership for an engineering team to evolve the SOC and integrate activities with teams of cloud security specialists
Consult with cloud team and leadership to set the direction for security monitoring and threat detection
Ensure the successful integration of cloud logging and security monitoring services with SIEM
Direct the development and implementation of rules/signatures in SIEM, and other monitoring platforms, to detect and alert on suspicious activity in Raytheon's public cloud environments
Direct the deployment and management of cloud logging and security monitoring services for AWS and Azure Cloud environments
Provide guidance and direction on operations for cloud-based Cyber Defense systems and services Support cloud-related service migrations to AWS or Azure
Provide guidance on system administration of Cloud based automation tools
Assist in testing and evaluation of new cloud services
Direct a team on Incident Response / security investigations in hybrid cloud and on-premise environments
Ensures proper implementation of required government policy (i.e.

, NISPOM, DCID 6/3, ICD, NIST) and others leading team to ensure compliance across all activities Qualifications Minimum Qualifications:
Active Secret clearance
Must be able to obtain a TS/SCI clearance Must be able to obtain DHS Suitability 10 years of experience engineering, operating, and managing layered security and SIEM integration for on premise or cloud/private cloud environments 5+ years of Tier 3 incident handler experience in cloud and/or on-premise environment 2+ years management in SOC environments in both personnel and technology to include all aspects of personnel management including hiring, performance management, training/compliance, annual salary planning and all other dimensions
Minimum 3 years of professional experience working with AWS or Azure infrastructure, services in a security focused role
Advanced knowledge of AWS & Azure architectural concepts
Experience engineering, operating, and managing layered security and SIEM integration Demonstrated experience handling incidents across multiple operating systems Excellent written and oral communication skills Education / Certifications: A bachelor's degree in systems engineering, a related specialized area or field
Two years of related work experience may be substituted for each year of degree level education

Desired Certifications:

GIAC CISSP

Desired Skills:
Information Security and IT certifications: Cisco, Red Hat, AWS, etc
Experience administering cyber security tools such as Firewalls, SIEM, and PCAP Experience with security log analysis

Experience working on a Computer Incident Response Team (CIRT) Previous experience working in a Security Operations Center (SOC) Virtualization technologies, e.

g
VMWare, HyperV, etc
Automation and IaC tooling, e.g
Ansible, Terraform, etc
Scripting in Python or Perl "Big Data" Analysis systems, e.g
Splunk, ELK, etc
Understanding of Project Management and SDLC methodologies, especially Agile
Experience with CNAPP We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual
This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace
Vectrus is an Equal Opportunity /Affirmative Action Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability
EOE/Minority/Female/Disabled/Veteran.