SOC Manager



Phase One Consulting Group is seeking a Security Operations Center (SOC) Manager with federal security experience to support a security operations center for a federal agency. This role will be responsible for SOC strategy, incident monitoring, detection, analysis, and handling; monitoring security systems and analyzing alarms and events for potential threats and intrusions; categorizing alarms and events; notifying the client POC of all incidents, system outages, and system health degradation; generating and submitting security incident tickets and reports; and analyzing and assessing incidents, or suspected incidents, that are reported from internal and external sources.


  • Perform Security Incident Management aligned with NIST, DoD or DHS standards
  • Oversight, monitoring and tuning of security systems, including the following: Intrusion Detection & Prevention Systems; Endpoint Security Systems; Security Information and Event Management Systems; Web Proxy Systems; Log Management Systems; Firewall Systems; Full Packet Capture Systems; Data Loss Prevention Systems; Object Level Auditing Systems; Endpoint Forensics; Wireless LAN Monitoring Systems; Database Security Monitoring; Compliance & Threat Modeling Systems
  • Develop and maintain security policies, procedures, Run Book and Incident Management Plan. Manage consistent daily, weekly and event-based reporting, and manage knowledge base for sharing and transfer of experience.
  • Perform gap analysis and provide strategic and tactical recommendations on security issues, scale systems to take into account new threats or devices, and evaluate and contribute to the security posture of the organization


Position Requirements

  • Proven leader with strong skills for building Client relationships and excellent oral and written communication skills
  • 10 years of IT security work
  • Bachelor's degree in IT or related field
  • Relevant industry certifications are required, including, but not limited to GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), GIAC Certified Intrusion Analyst (GCIA), ECIH or other relevant certifications
  • Experience operating a team using ITIL service management standards, including managing a catalog of services and measuring performance
  • Candidates must be able to work on-site at a Federal Agency located in the Washington, DC area, must be able to pass a U.S. Federal government Public Trust Background Investigation (or higher), form SF85P, and obtain a client badge, and must be a US Citizen


Company Profile

Since 1997, Phase One Consulting Group has supported an impressive portfolio of clients with their strategic and tactical modernization initiatives. Phase One's clients are typically large organizations of 70,000 or more employees with budgets exceeding $15B that benefit from our multifaceted and proven approach that has resulted in top-rated and award-winning business transformation programs.


Meet Some of Phase One's Employees

Jodi H.

VP, Services Division

As the chief coordinator of Phase One’s Services Division, Jodi is responsible for transforming the productivity of federal agencies with the most efficient and modern technologies and support.

Jerad S.


Tasked with taking Phase One's clients and teams in the right direction, Jerad enthusiastically transforms businesses with proficient and productive Platform as a Service (PaaS) technologies.
