ManTech

SOC Technical Lead

ManTech, McLean


ManTech seeks a motivated, career- and customer-oriented SOC Technical Lead in McLean, VA. This position may require occasional local travel to Herndon, VA.
The SOC Technical Lead will provide technical leadership and subject matter expertise for incident response and analysis. Lead a team of Cyber Operations experts and help to protect the most coveted target in the world.

Responsibilities include, but are not limited to:

  • Serve as Technical Lead for Incident Analysis, providing subject matter expertise in incident response operations, including incident investigations, analysis, and process improvement.
  • Oversee the execution of investigations to ensure thoroughness, accuracy, and completeness, and assist with tickets and investigations as needed.
  • In coordination with management, recognize, adopt, and instill best practices in security engineering fields throughout the organization.
  • Continuously evaluate, shape, and make necessary changes to improve the efficiency and effectiveness of the Incident Response program.
  • Provide technical and analytical recommendations for improvement to the program of record.
  • Perform Risk Management activities and analysis, and recommend mitigations to address identified risks and issues.
  • Own and facilitate exercise drill planning and execution.
  • Instill accountability for incident analysis at all levels of the contract team and ensure expectations are effectively communicated to the team.

Minimum Requirements:

  • Bachelor’s degree in a technical field and 8+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security role, or High School Diploma and 12+ years of experience.
  • 5+ years of experience with SIEM, Windows and Linux internals, NIST 800-53, and NSM-8.
  • 1+ years’ experience leading a team.
  • Experience responding to on-net cyber attacks, such as adversary credential breaches, account creations, shell or reverse shell usage, exfiltration, or similar.
  • Relevant certifications in cyber investigations, incident response, or cyber analysis, such as GCFE, GREM, OSCP, or similar.


Preferred Qualifications:

  • 11+ years of experience performing SOC incident response duties within the Intelligence Community.
  • 2+ years performing incident detection, response, or forensics in AWS, Azure, GCP, or OCI.
  • Experience with network forensics.

Clearance Requirements:

  • Active/current TS/SCI with Polygraph is required for this position.

Physical Requirements:

  • Must be able to remain in a stationary position 50% of the time.