SOC Lead (Top Secret)

Zachary Piper Solutions is seeking a SOC Lead to support a critical program for Department of Energy, National Nuclear Security Administration in Manassas, VA. The team is seeking an experienced cyber incident responder to lead detection and response of cyber incidents and provide recommendations to improve methodologies to protect the organizations intellectual property from evolving threats.

Clearance: Active Top Secret Clearance and/or DOE Q

Location: Washington, D.C., Manassas, VA (100% on-site)  

Responsibilities of the SOC Lead:   

• Oversee, direct, and mentor the SOC team, ensuring smooth and efficient daily operations.
• Offer guidance, feedback, and training to SOC analysts to enhance their performance and skills.
• Lead the SOC team in identifying, analyzing, and responding to cybersecurity incidents, such as intrusions, malware, and data breaches.
• Reconstruct timelines from network defense data to analyze intrusions and attacks.
• Serve as the escalation point for Develop and enhance threat detection capabilities to proactively identify emerging risks and vulnerabilities.
• Analyze network traffic, system logs, and threat intelligence data to uncover potential threats.
• complex or high-priority incidents, ensuring proper resolution.
• Collaborate with IT and cybersecurity teams to support enterprise-wide incident response and threat mitigation.
• Develop and implement strategies to mitigate risks to intellectual property and other sensitive assets.
• Manage the configuration, optimization, and administration of security tools, including SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), endpoint protection, and other monitoring solutions.
• Maintain accurate and detailed documentation of security incidents, including analysis, findings, and mitigation steps.

 Qualifications of the SOC Lead:  

• Active Top Secret and/or DOE Q clearance
• Bachelor’s degree from an accredited college in a related discipline and 10+ years of cybersecurity experience, 4+ years of leadership experience
• Certifications: CISSP, CISM, GCIH, GCIA, or equivalent are highly preferred
• Experience in network defense, incident response, threat detection, vulnerability management, and security operations
• Experience leading incident response efforts, including network intrusions, malware, and data breaches
• Analyze large volumes of data (network traffic, logs, threat intelligence)

Compensation of the SOC Lead:

• Total compensation based on experience level - $170,000 - $200,000**based on experience level**
• Full Benefits: PTO, 11 Paid Holidays, Medical, Dental, and Vision, 401k with ADP
• Long-term program (3.5 years remaining)

Keywords: Threat analysis, Microsoft defender, MS, Defender, azure, CI, Counter intelligence, CI Polygraph, VM, virtual machines, M365, Sentinel, Sentinel One, SentinelOne, forensics, spring, cloud, SIEM, EDR, endpoint, SOC, engineer, onsite, on-site, Manassas, engineering, cyber security engineer, cyber analyst, malware detection, adversary profiling, vulnerability assessment, Incident response, intellectual, SOC, leadership, manager, management, SOC lead, GCIH, CISSP,  threat hunting, phishing campaigns, cyber forensics, gcia, security+, CCNA, intrusion detection, malware, red team, blue team, cyber security, cybersecurity, cyber, security operations, Darknet monitoring, IOC collection, security consulting, strategic intelligence, Risk mitigation, penetration testing, trend analysis, data encryption, TS/SCI, Polygraph, SOC, SIGINT, DoD, MD, Maryland, Sec+, CySA+, CEH, malware, MISP, Forescout, threat intelligence, network security, threat detection, IOC, indicator of compromise, top secret, CI polygraph, trend analysis, APT, advanced persistent threat, deep web, information assurance, cyber, cyber security, cybersecurity, adversary, analysis, reporting, briefing, SCI, SCIF, On site, hybrid, OPSEC, Intelligence, intel, intelligence reporting, OSINT, open source, open-source, DHS, federal, government, contract, analysis, threat, cyber threat, threat intelligence, SIEM, splunk, wireshark, PCAP, malware, pen test, penetration testing, TTP, TTPs