SOC Technical Lead Security Clearance

Position: SOC Technical Lead with Security Clearance
Man Tech seeks a motivated, career and customer- oriented SOC Technical Lead in McLean, VA. This position may require occasional local travel to Herndon, VA. The SOC Technical Lead will provide technical leadership and subject matter expertise for incident response and analysis. Lead a team of Cyber Operations experts and help to protect the most coveted target in the world.

Responsibilities include, but are not limited to:
* Serve as Technical Lead for Incident Analysis, providing subject matter expertise in incident response operations to include incident investigations, analysis and process improvement.

* Oversee the execution of investigations to ensure thoroughness, accuracy, and completeness and assist with tickets and investigations as needed

* In coordination with management, recognize, adopt, and instill best practices in security engineering fields throughout the organization

* Continuously evaluate, shape, and make necessary changes to improve the efficiency and effectiveness of the Incident Response program

* Provide technical/analytical recommendations for improvement to the program of record

* Perform Risk Management activities and analysis and recommend mitigations to address identified risks and issues

* Own and facilitate exercise drill execution and planning

* Instill accountability for incident analysis to all levels of the contract team and ensure expectations are effectively communicated to the team

Minimum Requirements:

* Bachelor's degree in a technical field and 8+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security role, or High School Diploma and 12+ years of experience

* 5+ years of experience with SIEM, Windows and Linux Internals, NIST 800-53 and NSM-8

* 1+ years' experience leading a team

* Experience responding to on-net cyber-attacks, such as, adversary credential breaches, account creations, shell or reverse shell usage, exfiltration, or similar

Preferred Qualifications:

* 11+ years of experience performing SOC incident response duties within the Intelligence Community

* 2+ years performing incident detection, response, or forensics in AWS, Azure, GCP, or OCI

* Experience with network forensics

* Relevant certifications in cyber investigations, incident response, or cyber analysis, such as GCFE, GREM, OSCP, or similar Clearance Requirements:
* Active/current TS/SCI with Polygraph is required for this position

Physical Requirements:

* Must be able to remain in a stationary position 50%

* Must be able to communicate, converse, and exchange information with peers and senior personnel.

* The person in this position needs to occasionally move about inside the office to access file cabinets, office machinery, etc.