Security Operations Center - Washington, United States - Computer World Services

Posted by: Mark Lane, beBee recruiter


Description
Key Tasks and Responsibilities

  • Provide 24x7 SOC support, participating in daily DHS SOC status calls and monthly DHS SOC working group meetings.
  • Utilize CUSTOMER enterprise security information and event management (SIEM) and other monitoring tools for security monitoring and proactive threat hunting.
  • Utilize threat intelligence and open-source cybersecurity outlets to enhance SOC operations.
  • Manage security-related events/incidents using CUSTOMER and DHS ticketing systems.
  • Develop and present SOC status reports at Information Technology Cyber Security Program (ITCSP) weekly staff meetings.
  • Develop and maintain SOC standard operating procedures (SOPs).
  • Collaborate with Cybersecurity and other IT support teams as needed for incident response.
  • Utilize CUSTOMER Security Orchestration and Automated Response (SOAR) tool for incident handling and workflow development.
  • Interface with CUSTOMER Privacy Office and Security Management Division for classified and privacy data spill cleanup.
  • Lead technical support for developing, implementing, and managing CUSTOMER social engineering exercises.
  • Escalate threat and indicator of compromise (IOC) details to the Cybersecurity team as necessary.
  • Interface with DHS SOC and SOCs of other agencies or companies as needed.
  • Provide shift-end status reports and hand off open incident investigations to the next shift.
  • Support ITCSP team in advancing the maturity level of the CUSTOMER SOC based on the DHS-defined Maturity Model.
  • Perform annual self-assessment of SOC capabilities against the DHS Cybersecurity Service Provider (CSP) maturity model.
  • Support external assessments and audits by various stakeholders.
  • Support Cybersecurity and SOC-related tabletop exercises and internal assessments.
  • Serve as the technical lead for the DHS CSP assessment.
  • Assist in creating and maintaining project plans for all SOC-related projects.

Job Requirements:
Education & Experience

  • Bachelor's degree (preferred).
  • Minimum 12 years of overall IT experience.
  • 10 years of experience in a lead role managing major data center or IT Security Operations Center supporting a broad range of IT capabilities.
  • Experience using IT tools (Microsoft Sentinel and M365 Defender preferred) for monitoring security incidents and vulnerabilities.
  • Experience performing threat hunting across complex IT architectures.
  • Ability to work in a dynamic environment and coordinate multiple assignments.
  • Excellent communication skills, both written and verbal.
  • Ability to independently resolve complex issues.
  • Knowledge of the CUSTOMER mission and organization.
Certifications

  • At least one relevant industry certification, such as GIAC Security Operations Manager (GSOM), GIAC Security Expert (GSE), GIAC Certified Incident Handler (GCIH), GIAC Certified Detection Analyst (GCDA), GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Incident Handler (ECIH), or other relevant certifications.
Security Clearance

  • DHS Customer will perform and adjudicate customer background investigation prior to work start.
  • Active Top Secret Clearance (preferred).
Other (Travel, Work Environment, DoD 8570 Requirements, Administrative Notes, etc.)

  • Local travel within a 50-mile radius of Washington, DC may be required.
  • Work location in Washington DC with Telework/Remote work authorized at Customer discretion.
Computer World Services is an affirmative action and equal employment opportunity employer.

Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.


Job Snapshot:

  • Employee Type: Full-Time
  • Location: Washington, DC Metro Area (Hybrid)
  • Job Type: Government, Information Technology, Other
  • Experience: Not Specified
  • Date Posted: 04/12/2024
  • Job ID: 4200/3109/20538
