Mandiant is a recognized leader in cyber security expertise and has earned the trust of security professionals and company executives around the world. Our unique combination of renowned frontline experience, nation-state grade threat intelligence, machine intelligence, and the industry's best security validation ensures that Mandiant knows more about today's advanced threats than anyone. Mandiant partners with Federal Governments across the globe to protect their national security interests, guarding nation-state secrets, and defending critical infrastructure from cyber-attacks. Our experience has provided us with a unique understanding of the challenges Federal Governments face, and we systematically align our solution and product development cycles to meet their needs. Mandiant isn’t just focused on one threat vector or adversary type. We counter all evolving cyber threats facing public and private sector organizations around the globe.
The SOC Manager is responsible for management, supervision and coordination of cybersecurity incidents as part of a 24x7 operation. The SOC Manager also maintains incident response playbooks, conducts cyber tabletop exercises, acts as a liaison on third-party incidents, and communicates with Sponsor Leadership. The SOC Manager conducts gap assessments and program maturity analysis to ensure that the Security Operations Center is staffed 24x7, 365 with capable leadership who can take immediate action upon notification of a cybersecurity incident.
- Serves as the Incident Commander in a 24x7 Security Operations Center, leading significant or high-profile incidents, including validating and escalating incidents, coordinating response activities across multiple business operations.
- Capable of rapid, independent decision making in stressful / fluid situations, including those that impact critical business systems.
- Provides strategic guidance on and tracking of tools/visibility/capabilities gaps affecting information security posture.
- Serves as liaison between the Security Operations Center and the impacted business function and technical teams during an incident.
- Coordinates and directs efforts among Security Operations team members throughout the incident response lifecycle.
- Provides timely and relevant updates to appropriate executive stakeholders and Sponsor leadership.
- Conducts after action reporting and provides relevant insights to guide improvements and adjustments to cybersecurity response processes.
- Tests and updates incident response plans and processes to address existing and emerging threats.
- Maintains strong working relationships across technology and security teams.
- Performs special projects and initiatives as assigned.
- SECRET/TOP SECRET Clearance
- A Master's degree from an accredited college and six years of satisfactory full-time experience related to projects and policies required by the position; OR
- Education and/or experience which is equivalent to the above
- 8+ years of experience in information security incident handling and security operations
- Experience with large scale, complex incidents of all types to include APT, DDOS, malicious insider, web and mobile applications, data exfiltration, etc.
- Demonstrated ability to perform independent analysis of complex problems and distill relevant findings and determine root cause
- Knowledge of technologies, systems and networks as well as typical gaps that could impact the ability of an organization to effectively detect and respond to cyber threats
- Demonstrated knowledge of common adversary tactics, techniques, and procedures
- Bachelor’s degree in information technology, related discipline or relevant work experience
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- A team-focused mentality with the proven ability to work effectively with diverse stakeholders
- Strong organizational skills with proven ability to manage multiple high visibility issues simultaneously
- Relevant Technical Security Certifications (GCIA, GCIH, GCFA, GHFI, GNFA, GREM) a plus
As a U.S. federal contractor, Mandiant has adopted a COVID-19 Vaccination Policy to comply with our obligations under applicable laws and requirements. This position may be covered under Mandiant’s COVID-19 Vaccination Policy, as required in order to support federal contracts, access company offices and/or attend in-person meetings and work events. If covered under this policy, proof of vaccination against COVID-19 may be required as a condition of hire.
At Mandiant we are committed to our #OneTeam approach combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
This position must be located in the Washington DC/Metro Area.
- Telework: Full Telecommute