Security Operations Center (SOC) Deputy Program Manager and Technical Lead

Hill Associates, a leading IT Consultant, is searching for a highly experienced, technically capable cybersecurity professional who seeks to step up to a leadership role. The position is immediately available for the right candidate who is ready to provide leadership for the team supporting a Federal Government 24x7x365 Security Operations Center (SOC). The SOC is comprised of an integrated team of security analysts, engineers, and IT experts organized to detect, analyze, respond to, report on, and prevent cybersecurity incidents. In this highly visible position, you will support enterprise operations security for over 100,000+ people, interface with multiple Bureaus, and coordinate with peers and stakeholders both within and external to the Department.

U.S. citizenship and a Secret security clearance are mandatory requirements; candidates who do not meet these requirements will not be considered. This position will operate under a temporary telework policy per current Federal Government and Departmental mandates. Under normal circumstances, the work is located at a metro accessible (Orange Line) client location in Vienna (Tysons Corner), Virginia. No travel outside the DC metro area is anticipated.

If you have 8+ years of technical cybersecurity acumen, are passionate about leading a professional team of cybersecurity experts, and thrive in a high-paced collaborative environment, then we want to hear from you!

What You Will Bring:

  • You will bring deep technical knowledge and experience in cybersecurity operations.

  • You are a trusted and highly competent resource for the Department SOC organization, and Technical Lead supporting the Program Manager.

  • You thrive in collaborating and leading a highly capable team of multi-skilled cyber and infrastructure experts including SOC Analysts, Incident Responders, and SIEM Engineers.

  • You will bring knowledge of basic principles for defining, designing, and deploying IT security capabilities from various cloud service providers (e.g., AWS, Azure, or an MSSP).

  • You will have an understanding of the people, process, and technology impacts within organizational change management practices for the evolution of on-premises to cloud-based IT services

  • You excel in providing technical, risk-based, and analytic advice to the SOC.

  • You understand the relevance, need, and position of system monitoring capabilities, telemetry, and data types as part of the operational security of cloud-deployed information systems.

  • You provide trusted advice and recommendations for program performance including optimization of existing processes and tools.

  • You can leverage your extensive knowledge of cyber threats and vulnerabilities, including knowledge of advanced persistent threat (APT) techniques in meeting the mission at hand.

  • You can impart knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, persistence, lateral movement, exploitation, covering tracks) within incident response operations and functions.

  • You are keenly aware of the global cyber risk landscape and what capabilities these adversaries bring to the table.

  • You can rapidly come up to speed, correlate and assess key activities, understand critical issues being monitored or reviewed, and focus on threats and risks requiring immediate attention.

  • You foster a transparent culture, which promotes continuous improvement and knowledge transfer across teammates.

  • You are adaptable and embrace change – you rapidly adjust priorities and processes on the fly as needs dictate.

  • You act in the best interests of the Government in relationships with other commercial providers and maintain complete confidentiality and the highest ethical standards in these matters, as related to the performance of this contract.

What You Will Get To Do:

  • Leadership support for a 24x7x365 major Federal Government Department SOC, and provides technical leadership, program and project support, and incident response support.

  • Provide critical team leadership under both normal conditions as well as during crisis, incident response, and contingency situations.

  • Provide support and experience for the design and deployment of advanced analytics or cyber threat hunting and threat awareness toolsets as part of operational security monitoring and response capabilities.

  • Investigate, document, and report on emerging threats and trends. This may include coordination with internal/external intel partners.

  • Provide situational awareness through information sharing with analysts, team members, and other internal/external cybersecurity teams, SOCs, and external stakeholders (DHS, law enforcement)

  • Aid the Program Manager and US Government Leads with understanding gaps in security capabilities, meeting organizational objectives, or managing staff and NIST and FISMA compliance deliverables specified under the contract.

  • Monitor all work produced by the contracting team(s) and coordinate with designated Government interfaces or Hill Associates staff to meet quality objectives.

  • Develop and implement appropriate processes and project management plans that initiate, plan, execute, and monitor/report all program activities to successfully meet SOC objectives.

  • Provide project management and governance for large-scale Incident Response Remediation consisting of multiple workstreams; validate and track the completion of detailed remediation tasks.

  • Effectively communicate project or program status, organizational strategies, workstream activities, and presenting high-quality deliverables.

  • Support after action/lessons learned including reviewing, writing, and publishing after-action reports, policy, and publications.

Qualifications:

  • Citizenship: U.S. citizen (required).

  • Clearance: Active security clearance (minimum Secret) required.

  • Experience: 8+ years experience in SOC/cybersecurity environments.

  • Education: Bachelor’s degree (technical); Master’s degree preferred

  • Certifications: Prefer cyber / cloud security certifications, such as CISSP, GSEC, CISM, CISA, CCSP, CCSS, etc.

  • Experience with a variety of security tools and technical capabilities, such as:

  • SMTP inspection

  • DNS

  • Web (HTTP/HTTPS)

  • Firewall & Proxy

  • DHS Einstein

  • APT detection appliances

  • SPLUNK

  • MISP

  • Multiple IDS/IPS systems

  • Service Now

  • Atlassian Jira/Confluence

What We Can Offer You:

Hill Associates is an affirmative action and equal opportunity employer. Employment decisions will be made without regard to race, color, religion, sex, age, national origin, military status, veteran status, handicap, physical or mental disability, sexual orientation, gender identity, genetic information or other characteristics protected by law.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Hill Associates Recruiting Team at 202-656-6505 or via email at careers@hillasc.com. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

Hill Associates offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.