SOC Chief - FCC

Washington, DC

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Executive-level / Director USD 68K - 160K * ^est.

cFocus Software Incorporated

Our exclusive ATO as a Service™ software & expert services automate FISMA RMF & FedRAMP compliance.

View all jobs at cFocus Software Incorporated

Posted 7 hours ago

cFocus Software seeks a SOC Chief to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.

Qualifications:

Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields
Certified Information Systems Security Professional (CISSP).
GIAC Incident Response Certification. and
Microsoft Certified Security Operations Analyst Associate
7+ years of experience in SOC operations and incident response including SOC management and an IR commander role
Core competencies in leading Information Security GAP Analysis review. and cyber security operations and incident response
Possess the knowledge, skills, tasks, and capabilities described in the NICE Work Roles for Incident Response (PD-WRL-003), Insider Threat Analysis (PD-WRL-005), and Threat Analysis (PD-WRL-006) as outlined in the NICE Work Role Framework
7+ years of experience with Cyber Threats, Cyber Threat Intelligence, Insider Threat Hunting, Threat Hunting and Forensics, & Incident Assessment and Response

Duties:

Establish a Monitoring and Analysis support team (the SOC at FCC) dedicated to systematically assessing Cybersecurity information sourced from sensors, analytical systems, and various cybersecurity tools.
Identify and investigate any unusual activities highlighted by security apparatus or reported by external sources, FCC units, administrators, or users via various channels.
Evaluate, implement, and maintain intrusion detection sensors and software and deliver informal reports and Technical Evaluation Reports (TER) resulting from their assessments.
Proactively monitor, detect, analyze, respond to, and report cybersecurity events in compliance with Federal requirements
Receive automated, user-reported, and externally reported alerts of suspicious activity
Continuously monitor all IT systems and assets
Investigate alerts and triage incidents, analyze root causes, and respond to minimize damage and recover from cyber incidents.
Monitor system status, escalate potential incidents, and manage incident cases and tickets.
Assess risks for High Assurance Gateway access and Web Access Requests
Analyze reports, apply antivirus, intrusion detection, DMA, and perform vulnerability assessments
Author custom detection content, tune SIEM and IDS/IPS events, maintain SIEM content, and perform program reviews
Evaluate hardware/software, improve processes, manage data, coordinate incident reporting
Provide Tier 1 to 3 cybersecurity analysis, 24/7/365 monitoring, and incident response
Document events and actions, including SOC activities, IR metrics, and reports
Maintain a Cyber Defense Playbook and a SOC Communication Plan, updating as needed