Security Operations Center; SOC Manager

Position: Security Operations Center (SOC) Manager
Georgetown University comprises two unique campuses in the nation’s capital. With the Hilltop Campus located in the heart of the historic Georgetown neighborhood, and the Capitol Campus, just minutes from the U.S. Capitol and U.S. Supreme Court, Georgetown University offers rigorous academic programs, a global perspective, and unparalleled opportunities to engage with Washington, D.C. Our community is a close-knit group of remarkable individuals driven by intellectual inquiry, a commitment to social justice, and a shared dedication to making a difference in the world.
** Requirements
* *** Job Overview
**** Security Operations Center (SOC) Manager, University Information Systems/University Information Security Office - Georgetown University
** The SOC Manager is a self-starter, a natural problem solver, collaborative, and able to work well with adversity and ambiguity. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cybersecurity threats, DFIR (digital forensics and incident response), and a validated track record in hands-on approach to maturing defense capabilities in highly targeted environments cess for the role will be the delivery of a world class threat defense program that is positioned to address, contain, and drive successful resolution to any cybersecurity situation.

** Duties include but are not limited to:
*** Oversee daily operations of the Security Operations Center (SOC), ensuring timely detection, analysis, and response to cybersecurity incidents
* Coordinate incident response efforts across teams, managing escalations and ensuring containment, eradication, and recovery procedures are executed effectively
* Develop and maintain SOC playbooks, workflows, wikis and escalation protocols to standardize response efforts and improve operational efficiency
* Monitor threat intelligence feeds and integrate relevant indicators into detection systems to enhance proactive defense capabilities
* Lead the implementation and tuning of security monitoring tools (e.g., SIEM, EDR) to ensure accurate alerting and minimal false positives
** Work Interactions
** The SOC Manager will report directly to the Director of Security Operations. They will lead a small team of incident responders and coordinate with the university MSSP (managed security services provider) for triage and after-hours/weekend/holiday support. Interaction and coordination with various teams across the university will be required.
** Requirements and Qualifications
*** Minimum 5 years of experience in a SOC or cybersecurity operations role
* Preferred certifications: CISSP, GCIA, GCIH, CEH
* Strong understanding of incident response methodologies and threat detection techniques
* Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR tools, and log analysis
* Familiarity with MITRE ATT&CK framework and threat intelligence integration
* Ability to lead and mentor SOC analysts in a fast-paced environment
** Preferred Requirements and Qualifications
*** Bachelor’s or Master’s degree /certificate in IT, IS, Cybersecurity or other related field.
* Excellent communication and report writing skills
* Experience with vulnerability management and penetration testing tools
* Knowledge of regulatory frameworks such as NIST 800-53, ISO 27001, and SOC 2
* Experience managing an operational team.
* Experience using incident handling methodologies
* Deep technical knowledge of computer networking concepts and protocols, network security methodologies, cyber threats and vulnerabilities, authentication, authorization, and access control methods.
* Knowledge of operational impacts of cybersecurity lapses.
* Experience with cyber defense and vulnerability assessment tools and capabilities with the ability to determine how a security system should work and how changes would impact outcomes.
* Ability to apply cybersecurity and privacy principles to meet organizational requirements
* Ability to effectively communicate and influence meaningful insights regarding the organization’s threat environment in order to improve its risk management posture
* Experience with at least one of the major cloud…