SOC Technical Lead

Through the J6 Penetration Handling, Incident, System Health (PHISH) support services task order on the GSM-O contract, we provide IT products, services and solutions to the Pentagon and other DoD offices and agencies for them to meet mission and business requirements. Our Cybersecurity team performs cyber defensive actions in support of J6 to prevent, detect, respond and recover from adversarial activities.

This position provides technical leadership to the J6 Security Operations Center (SOC) lead and staff. Beyond advising and guiding technical matters, this position is tasked with driving implementation and adoption of new tools, capabilities, frameworks, and methodologies while ensuring those already in use are implemented and utilized properly.

PRIMARY RESPONSIBILITIES:

Serve as a people leader for personnel supporting the Transport and End Point Services watch desk:

• Conduct annual performance assessments to include periodic check ins.
• Validate/approve time charging for both Leidos and vendor personnel.
• Provide coaching/mentoring to personnel.
• Develop and Execute Continual Service Improvement technical strategies to modify and enhance operational processes and impact strategic project/program goals and business results.

Provide an in-depth knowledge and understanding of:

• Provide technical leadership to JSP DCO Security Operations Center
• Drive implementation and adoption of new tools, capabilities, frameworks, and methodologies across all teams within the SOC
• Provide technical guidance and support to SOC lead
• Work with Security Infrastructure team to address issues with SOC tools and data feeds
• Identify and offer solutions to gaps in capabilities and visibility
• Promote and drive implementation of automation and process efficiencies

BASIC QUALIFICATIONS:

• Active Top Secret security clearance is required, and Top Secret – Sensitive Compartmented Information (TS/SCI) Eligible (DIA Adjudicated or capable of reciprocal acceptance by DIA)
• Bachelor's degree and 8+ years of prior IT experience. Additional work experience or Cyber courses/certifications may be substituted in lieu of degree.
• 5+ years of intrusion detection and/or incident handling experience.
• DoD 8570 IAT III and CSSP Incident Response certifications required prior to starting
• Prior experience supervising employees of various labor categories and skills in efforts similar in size and scope.
• Advanced knowledge of solution development techniques and best practices related to demonstration, pilot, and test management and operations.
• Demonstrated advanced knowledge of industry accepted standards.
• Demonstrate experience with researching and fielding new and innovative technology;
• Demonstrate advanced experience in configuring cybersecurity tools to feed events, alerts, and logs to SIEM technologies.
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic finding.
• Strong analytical and troubleshooting skills.

PREFERRED QUALIFICATIONS:

• Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
• Experience implementing automation to reduce mundane tasks and expedite processes.
• Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
• Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings.
• Familiarity or experience in Intelligence Driven Defense, Cyber Kill Chain methodology, and/or MITRE ATT&CK framework.

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

Original Posting:

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.