Cyber Fusion Center Principal (SOC Manager) - USDS

- Team Leadership and Development: Recruit, mentor, and empower a multidisciplinary team of analysts, engineers, and incident responders. Foster a culture of technical excellence, continuous learning, and rapid response.
- Operational Excellence: Oversee 24x7 monitoring, triage, escalation, and incident management workflows. Ensure efficient case management, investigation quality, and SLA adherence across all shifts.
- Threat Detection and Response: Continuously refine detection logic, threat hunting strategies, and containment playbooks. Partner closely with Detection Engineering and Threat Intel teams to stay ahead of adversaries.
- Tooling and Automation: Drive the optimization of SIEM, SOAR, EDR, NDR, and threat intel platforms. Champion the use of automation to reduce manual effort and increase response speed and consistency.
- Incident Command: Lead critical incident response efforts, coordinating technical teams, communication streams, and post-incident reviews with precision and composure under pressure.
- Metrics and Reporting: Build and deliver high-quality operational reporting and KPIs that inform leadership, demonstrate SOC effectiveness, and uncover areas for improvement.
- Continuous Improvement: Evolve our detection and response capabilities through purple team exercises, adversary emulation, tabletop drills, and root cause analysis.
- Cross-Functional Collaboration: Work hand-in-hand with Product Security, Cloud Security, IT, Compliance, and other partners to build an integrated, defense-in-depth security ecosystem.
- Strategic Planning: Set the SOC's vision and roadmap, ensuring alignment with broader security and business objectives. Advocate for resources, technology upgrades, and process improvements to future-proof the operation.
- This role is an opportunity to make a real impact - blending technical mastery, leadership, and innovation to defend against tomorrow's threats today.

Knowledge & Skills:
- Strong leadership skills and the ability to foster a collaborative, high performing team
- Excellent analytical and problem-solving skills.
- Excellent communication skills (verbal and written), ability to influence without authority.
- Ability to balance risks in ambiguous and complex situations.
- Demonstrated teamwork and collaboration skills, in particular in leading or contributing to multi-functional teams.
Extensive incident handling experience
- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale
- Expertise in performing or overseeing malware analysis
- Expertise in performing or overseeing digital forensics for incident response
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Strong experience with NIX and Windows environments
- Strong expertise in networks and networking principles
- Strong technical depth in cloud environment incident response
- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures

General Skills:
- Demonstrates excellent organizational direction, time management, problem-solving, prioritization, goal setting, leadership, motivation, negotiation, and interpersonal relations.
- Works well under pressure and within time/budget constraints to solve problems or meet objectives.
- Excellent fundamental knowledge of industry standard frameworks such as MITRE ATT&CK and NIST CSF
- Ability to communicate technical concepts to a broad range of technical and non-technical staff.

Qualifications

Minimum Qualifications
- Bachelors' Degree or industry equivalent work experience in security architecture and engineering in a converged security program
- CISSP, GCIA, GCIH, GREM or applicable experience in the Information Security field
- Expert in computer security incident handling and responding to Advanced Persistent Threats
- Strong leadership skills and the ability to foster a collaborative, high performing team with Excellent analytical, problem-solving, communication (verbal and written) skills with the ability to influence without authority.
- Demonstrated teamwork and collaboration skills - in particular in leading or contributing to multi-functional teams while being able to balance risks in ambiguous and complex situations.

Preferred Qualifications
- Demonstrated experience in leading a security focused capability and providing world class services at enterprise scale with Expertise in performing or overseeing malware analysis, performing or overseeing digital forensics for incident response
- Strong Operating System Administration skills including conceptual knowledge of OS internals and experience with core service types
- Strong experience with NIX and Windows environments
- Experience in maintaining a working knowledge of global attack groups and their tools, techniques, and procedures
- Strong analytical/problem solving skills and cross functional knowledge across multiple IT operational and security disciplines while possessing a high degree of integrity, be trustworthy, and have the ability to lead and inspire change.