Security Operations Center Lead (SOC Lead) / Cyber Engineer Principal II
Node.Digital, United States

Experience
1 Year
Salary
0 - 0
Job Type
Full Time Job
Job Shift
Morning Job
Job Category
Engineering
Traveling
No
Career Level
Non-Managerial
Telecommute
No
Qualification
Bachelor's Degree
Total Vacancies
1 Job
Posted on
Aug 31, 2023
Last Date
Sep 30, 2023
Location(s)
Amsterdam, United States

Job Description

Security Operations Center Lead (SOC Lead) / Cyber Engineer Principal II

Location: Dulles

Must have an active Secret Clearance

Node supporting a U.S. Government customer on a large mission-critical development and sustainment program to design, build, deliver, and operate a network operations environment; including introducing new cyber capabilities to address emerging threats.

Node seeking a Security Operations Center Lead.

The Development SOC Lead will lead a team of Cyber Security Engineers/Analyst in security monitoring, capacity planning, systems engineering, cloud infrastructure security engineering, and incident handling and response. The team’s primary mission is to manage and evolve SOC and incident response activities while supporting the development environments. The services include IDS/IPS, SIEM, NetWitness, EDR solutions and native Cloud logs and security compliance and Incident Response applications.

Responsibilities Include:

  • Plans, directs and coordinates the Security Operations Center for the program.
  • Work closely with technical leadership (government/program/management)
  • Develop and present performance reports and metrics
  • Develop and meet performance management requirements
  • Provide technical leadership for an engineering team to evolve the SOC and integrate activities with teams of cloud security specialists.
  • Consult with the cloud team and leadership to set the direction for security monitoring and threat detection.
  • Ensure the successful integration of cloud logging and security monitoring services with SIEM.
  • Direct the development and implementation of rules/signatures in SIEM, and other monitoring platforms, to detect and alert on suspicious activity in Raytheon’s public cloud environments.
  • Direct the deployment and management of cloud logging and security monitoring services for AWS and Azure Cloud environments.
  • Provide guidance and direction on operations for cloud-based Cyber Defense systems and services
  • Support cloud-related service migrations to AWS or Azure.
  • Provide guidance on system administration of Cloud-based automation tools.
  • Assist in testing and evaluation of new cloud services.
  • Direct a team on Incident Response/security investigations in hybrid cloud and on-premise environments.
  • Ensures proper implementation of required government policy (i.e., NISPOM, DCID 6/3, ICD, NIST) and others leading the team to ensure compliance across all activities


    • Requirements

    Required Skills:

  • U.S. Citizenship
  • Active Secret clearance. Must be able to obtain a TS/SCI clearance
  • Must be able to obtain DHS Suitability
  • 10 years of experience engineering, operating, and managing layered security and SIEM integration for on-premise or cloud/private cloud environments
  • 5+ years of Tier 3 incident handler experience in cloud and/or on-premise environment
  • 2+ years of management in SOC environments in both personnel and technology to include all aspects of personnel management including hiring, performance management, training/compliance, annual salary planning and all other dimensions.
  • Minimum 3 years of professional experience working with AWS or Azure infrastructure, services in a security-focused role.
  • Advanced knowledge of AWS amp; Azure architectural concepts.
  • Experience engineering, operating, and managing layered security and SIEM integration
  • Demonstrated experience handling incidents across multiple operating systems
  • Excellent written and oral communication skills

    • Desired Skills:

  • Information Security and IT certifications: Cisco, Red Hat, AWS, etc.
  • Experience administering cyber security tools such as Firewalls, SIEM, and PCAP
  • Experience with security log analysis.
  • Experience working on a Computer Incident Response Team (CIRT)
  • Previous experience working in a Security Operations Center (SOC)
  • Virtualization technologies, e.g. VMWare, HyperV, etc.
  • Automation and IaC tooling, e.g. Ansible, Terraform, etc.
  • Scripting in Python or Perl
  • Big Data Analysis systems, e.g. Splunk, ELK, etc.
  • Understanding of Project Management and SDLC methodologies, especially Agile.
  • Experience with CNAPP

    • Required Education

    - A bachelor’s degree in systems engineering, a related specialized area or field. Two years of related work experience may be substituted for each year of degree-level education.

    Desired Certifications:

    - GIAC, CISSP

    Company

    Job Specification

    Job Rewards and Benefits

    More Jobs like this Job

    Jobs in Amsterdam United States
    Jobs in this company

    Node.Digital

    Information Technology and Services - Florida, United States
    © Copyright 2004-2024 Mustakbil.com All Right Reserved.