Security Operations Center (SOC) Lead

Job description

Responsibilities We are seeking a highly skilled and innovative Security Operations Center (SOC) Lead to join our team in the greater DMV area, supporting the Army National Guard. Key Responsibilities: - Manage day‑to‑day SOC operations: staffing, shift coverage, case handling, escalation, and incident lifecycle management. - Oversee incident coordination with CIRT, NOSC, ARCYBER, USCYBERCOM, and engineering teams; implement playbooks and countermeasures during incidents. - Ensure investigative quality: review cases, validate threat analysis, enforce documentation/runbook standards, and oversee evidence preservation. - Lead detection engineering efforts: rule/signature/content development, tuning, enrichment, and mapping to MITRE ATT&CK. - Maintain continuous monitoring aligned with STIG/IAVM/RMF requirements and ensure SOC support for defensive cyber operations. - Develop and maintain SOC SOPs, playbooks, escalation matrices, COOP procedures, and communications plans. - Coordinate SOC reporting and notifications to RCC‑NG, ARCYBER, USCYBERCOM, and other stakeholders; produce situational awareness products and executive briefings. - Drive analyst training, exercises, purple teaming...