Job Description
Primarily remote, in Atlanta. (onsite 6-12 days per year)
-Assist with the development of enterprise-wide security policy, practices, and procedures.
-Conduct information technology risk assessments for systems, software, or configurations.
-System Architecture design (compute, hardware/virtual, OS, storage, networking, security).
-Validate security control configuration on systems and ensure all systems are configured to the required controls, such as NIST, DFARS 252.204-7012, CMMC, and other similar requirements.
-Actively collaborate with customers and external teams; derive tasks from detailed requirements.
-Lead the groups that provide services in information & cyber security operations, policy and asset protection.
-Lead the groups that provide services in cyber risk management, and regulatory compliance like DFARS 252.204-7012, NIST 800-171, CMMC and others.
-Responsible for leading the investigation of and response to cyber security incidents.
-Provide leadership to lower-level cybersecurity and IT professionals across the enterprise.
-Approve modifications to critical information systems and direct the implementation of configuration changes.
Required Skills & Experience
- US citizen eligible for a TS clearance
- Bachelor's degree and 14 years of experience, OR Master's degree and 12 years, OR PhD and 9 years
- Leadership experience in a Security Operations Center (SOC) or detection & response function
- Experience in an incident response-related role, with experience as an incident manager, commander, or leader
- Solid technical understanding of cybersecurity concepts, standards, guidelines, and principles
- Experience with industry-recognized security and analysis frameworks (MITRE ATT&CK, Cyber Kill Chain, NIST, etc.)
- Experience with data aggregation/analytics and/or SIEM tools
- Experience with Endpoint Detection and Response (EDR) solutions
- Experience with Vulnerability Management tools
- Ability to handle time-sensitive situations with a calm and professional attitude while maintaining an appropriate sense of urgency
- Ability to work at a technical level to both oversee and perform forensics and investigations in IT environments, capable of identifying vectors of threats and incidents
- Ability to communicate and present at various levels of technical detail depending on audience, ranging from cybersecurity deep dives to non-technical stakeholders
- Effective project management and organizational skills, including managing multiple, concurrent tasks and meeting deadlines
- Excellent interpersonal skills and ability to create collaborative relationships with colleagues across various groups and levels, and influence without authority
- Demonstrated leadership skills with the ability to communicate effectively and work independently, both as part of and leading a team
- Ability to mentor team members at all levels, develop training plans, and foster personal and professional growth within the team
- Certified Ethical Hacker (CEH), PenTest+, GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Incident Handler (GCIH) or equivalent certification
Nice to Have Skills & Experience
-Active TS/SCI Clearance.
-Master's degree
-Expertise in an incident response-related role, with experience as an incident commander.
-Experience with the following cybersecurity tools: Splunk, CrowdStrike, Tenable.io, Axonius.
-Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent certification.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.