Senior - SOC CHIEF

Everforth ECS is seeking a Senior SOC Chief to work in our Washington DC office. Everforth ECS Federal is a leading information security and information technology company in Washington, DC. We are looking to hire a Senior Security Operation Center (SOC) Manager to provide a full range of cybersecurity services on a long-term contract in Suitland, MD. The position is full time/permanent and will provide 24x7x365 support for a US Government civilian agency. The position is available immediately upon finding a qualified candidate with the appropriate background clearance.Top Secret, SCI eligible8+ years of Information Technology experience, with at least 5 years of experience in information security working within security operations7-10+ years of experience in SOC operations and incident response including SOC management and an IR commander role.Experience with maturing and optimizing SOCsExperience with utilizing Cyber Threat Intelligence to enhance security operations, and threat detections and responsePreferred experience with developing and deploying an integrated NOC/SOC modelExcellent problem solving, critical thinking, and analytical skills with the ability to de-construct problemsStrong customer service skills and decision-making skillsWorking knowledge of cloud infrastructure preferredCareer proven knowledge and experience with log, network, and system forensic investigation techniquesSignificant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logsSignificant experience with host and network analysisExperience with reading malware analysis reportsKnowledge of diverse operating systems, networking protocols, systems administration and security technologiesIntelligence driven defense utilizing the Cyber Kill Chain (CKC) and MITRE ATT&CKSignificant experience monitoring threats via a SIEM consoleCandidate must have familiarity with US-CERT Federal Incident Notification GuidelinesAzure, Azure Sentinel, Microsoft 365 Defender (across endpoint, email, and collaboration) experience preferredWorking knowledge of FireEye/Trellix tools, Akamai WAF, Sourcefire, and IronportStrong sense of professionalism and ethicsActively seeks to enhance the group through the sharing of knowledgeActs with integrity and communicates honestly and openlyAbility to build rapport and cooperation among teams and internal stakeholdersRespects others and demonstrates fair treatment to allMethodical and detail orientedSelf-motivatedAbility to work in a high-pressure environment with changing priorities.Salary Range: $175,000-195,000General Description of BenefitsBachelor's degree in computer science or related field or equivalent work experienceCertified Information Systems Security Professional (CISSP)Ensure the timeliness and quality of deliverables so that all information and data are accurate and complete;Lead Information Security GAP Analysis review;Perform administrative functions such as reviewing performance and operations to ensure appropriate performance;Ensure effective coordination, collaboration, and communication with federal personnel;Serve as the primary incident commander for all cybersecurity incidents;Must possess a functional understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systemsMust have demonstrated experience with managing and ensuring the timely response and investigations of security events and incidents by the Security Operations Center (SOC)Have demonstrated experience with developing and facilitating cybersecurity tabletop exercises for technical and non-technical personnelMust possess a working knowledge of regulatory security compliance requirementsFamiliarity with White House Executive Orders (OE) on improving the Nation's Cybersecurity and subsequent Office of Management and Budget (OMB) memorandumsFamiliarity with FISMA monitoring and reporting requirementsMust have experience with conceptualizing, developing, publishing and communicating status reports for executive leadershipWork closely with client CISO and cybersecurity leadership to identify implement process changes, improvements and efficiencies, and ensure solid security practicesDevelop and administer SOC processes and review their application to ensure that SOC's controls, policies, and procedures are operating effectivelyEstablish and maintain excellent working relationships/partnerships with the cybersecurity and infrastructure support teams throughout the Information Technology organization, as well as business unitsPlay a significant role in long-term SOC strategy and planning, including initiatives geared toward operational excellenceExecute security operations processes, identify and measure critical security operations metrics, and continually improve the efficiency and effectiveness of all core services in scopeManage and develop SOC team members, including mentoring, task management, and capability/skill development.Provide a framework for team members to be successful in achieving team goals and individual performance objectivesProvide security expertise to the SOC team leveraging industry leading practicesEnsures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environmentRecommends implementation of countermeasures or mitigating controlsResolve or coordinate the resolution of cybersecurity events/incidentsResponsible for development and leadership of a 24x7x365 SOC, to include establishment of the mission, SOC maturity and optimizing, task management, playbook development and maintenance, and developing and deploying an integrated NOC/SOC modelPerform the SOC Chief activities to include project tracking schedules, risk registers, and risk and issue mitigation strategies for SOC and incident response activities