SOC Technical Lead Security Clearance

Position: SOC Technical Lead with Security Clearance
R
- Description Through the J6 Penetration Handling, Incident, System Health (PHISH) support services task order on the GSM-O contract, we provide IT products, services and solutions to the Pentagon and other DoD offices and agencies for them to meet mission and business requirements. Our Cybersecurity team performs cyber defensive actions in support of J6 to prevent, detect, respond and recover from adversarial activities.

This position provides technical leadership to the J6 Security Operations Center (SOC) lead and staff. Beyond advising and guiding technical matters, this position is tasked with driving implementation and adoption of new tools, capabilities, frameworks, and methodologies while ensuring those already in use are implemented and utilized properly.

PRIMARY RESPONSIBILITIES:

Serve as a people leader for personnel supporting the Transport and End Point Services watch desk:
* Conduct annual performance assessments to include periodic check ins.

* Validate/approve time charging for both Leidos and vendor personnel.

* Provide coaching/mentoring to personnel.

* Develop and Execute Continual Service Improvement technical strategies to modify and enhance operational processes and impact strategic project/program goals and business results.
Provide an in-depth knowledge and understanding of:
* Provide technical leadership to JSP DCO Security Operations Center

* Drive implementation and adoption of new tools, capabilities, frameworks, and methodologies across all teams within the SOC

* Provide technical guidance and support to SOC lead

* Work with Security Infrastructure team to address issues with SOC tools and data feeds

* Identify and offer solutions to gaps in capabilities and visibility

* Promote and drive implementation of automation and process efficiencies

BASIC QUALIFICATIONS:

* Active Top Secret security clearance is required, and Top Secret – Sensitive Compartmented Information (TS/SCI) Eligible (DIA Adjudicated or capable of reciprocal acceptance by DIA)

* Bachelor's degree and 8+ years of prior IT experience. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.

* 5+ years of intrusion detection and/or incident handling experience.

* DoD 8570 IAT III and CSSP Incident Response certifications required prior to starting

* Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope.

* Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and test management and operations.

* Demonstrated advanced knowledge of industry accepted standards.

* Demonstrate experience with researching and fielding new and innovative technology;

* Demonstrate advanced experience in configuring cybersecurity tools to feed events, alerts, and logs to SIEM technologies.

* Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic finding.

* Strong analytical and troubleshooting skills.

PREFERRED QUALIFICATIONS:

* Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.

* Experience implementing automation to reduce mundane tasks and expedite processes.

* Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.

* Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).

* Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.

* Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.
At Leidos, we don’t want someone who "fits the mold"—we want someone who melts it down and builds something better. This is a role for the restless, the over-caffeinated, the ones who ask, “what’s next?” before the dust settles on “what’s now.” If you’re already scheming step 20 while everyone else is still…