SAIC is seeking a Security Operations Center (SOC) Detection Manager/Sensor Grid Support Manager to work onsite with our customer in Quantico, VA. This position supports the Marine Corps Cyberspace Operations Group (MCCOG).
This position is contingent upon contract award. If awarded, work will begin in Fall 2023.
Job Summary: The SOC Detection Manager will manage a team of Sensor Grid Support specialists covering Endpoint Security Solutions (ESS); Network Intrusion Detection and Prevention Systems (NID/PS); the Security Information and Event Management (SIEM) solution; and cyber incident detection rules and signatures, residing on-premises and in the cloud. The manager leads the support team responsible for maintaining the accreditation and authorization-to-operate (ATO) documentation for these systems and for performing systems integration when the Government acquires new technologies.
Duties and Responsibilities:
• Manage the contractor (CTR) workforce assigned to the Sensor Grid Support team.
• Serve as the senior expert across the Sensor Grid Support tasks.
• Manage the Endpoint Security Solution (ESS) Support team.
• Manage the Network Sensor Support team.
• Manage the Signature Development team.
• Serve as the senior SIEM SME, including detection content written in Snort, regular expressions (regex), and YARA.
• Provide Security Information and Event Management (SIEM) subject matter expertise in Kafka, Red Hat Linux, Elasticsearch, Logstash, and Kibana.
• Monitor, analyze, and tune the SIEM as necessary.
• Maintain a culture of continuous learning and improvement by updating the tactics, techniques, procedures, training, and education documentation related to this task.
Qualifications:
• Active TS/SCI clearance.
• Bachelor's degree and fourteen (14) or more years of experience; Master's degree and twelve (12) or more years of experience; or PhD or JD and nine (9) or more years of experience.
• Three (3) years of experience specifically in Sensor Grid Support.
• At least five (5) years of overall experience with DCO and cyber security tools.
• DoDD 8570 CSSP Infrastructure Support certification.
• DoDD 8570 IAT Level II certification or higher.
• Experience managing an enterprise-grade Security Information and Event Management toolset, including maintenance, cyber analytics, and correlation use cases.
• Experience leveraging network and ESS sensors and other DCO tools to enhance the detection of adversary activity in a large enterprise network.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.