Apply on Employer Site

Peraton · 1 day ago

CSOC Manager

US-OR-Portland

Full-time

Onsite

Senior Level, Lead/Staff

$135K/yr - $216K/yr

12+ years exp

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. The CSOC Manager will lead a team in monitoring and defending corporate networks from cyber threats, ensuring compliance with cybersecurity regulations and managing operations within a 24x7x365 Cybersecurity Operations Center.

Information TechnologyRobotics

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Provide leadership and strategic direction, overseeing CSOC daily operations

Manage CSOC shift handovers, on-call rotations, and resource allocation to meet CSOC goals

Establish and manage performance KPIs, manage workloads, and drive CSOC service improvement initiatives

Management and maintenance of CSOC searches, correlation rules, displays, dashboards and reports within the Splunk application and other tools

Contribute to the company’s development and implementation of security policies, procedures, and future technology introductions to the CSOC and monitored networks

Review and approve reports and updates regarding company security posture, emerging threats, and incident reports to senior management and government and company data calls before they are released

Perform regular CSOC high level reporting regarding incident review, opening and closing incident cases and outstanding threat issues

Provide guidance and leadership for CSOC staff and adjust staffing to address persistent and peak high-level threats cover the 24x7x365 staffing windows

Track operating budget and staffing, staff travel, software and hardware upgrades, track and manage CSOC vendor contract requirements and deliverables to meet contract award objectives

Ensure proper collection, storage, and analysis of the major existing data sources such as log data, binary data (flow and PCAP), context data, and threat intelligence feeds into SIEM/EDR/SOAR and other tools and explore the value of adding new data sources

Maintain CSOC Standard Operating Procedures (SOP), Tactics, Techniques, and Procedures (TTP) and other documentation updating to account for technology introduction, emerging threats and industry best practices

Review and approve data source type reports

Manage anomaly and incident case investigations that are a result of nation state attacks or involve federal authorities

Manage and approve CSOC cybersecurity and network infrastructure change requests such as privileged account escalation, device filter change rules, access control lists, CSOC systems patch management, vulnerability assessment scanners, digital certificates, Secure Sockets Layer (SSL) tear down, Intrusion Detection System (IDS)/Intrusion Protection System (IPS) change rules

Manage malware incident response across the company using approved change management process

CSOC performance of network and systems analysis of anomaly and intrusion alerts to the network infrastructure and anomalous network traffic, application operations, firewalls, malware detection, security incidents or anomalies flagged by monitoring tools, and their proper disposition

Guide the CSOC’s analysis of security alerts from IT and network devices such as firewalls, IDS/IPS, reviewing device logs for suspicious patterns, lead the CSOC’s preliminary incident response, event analysis and threat intelligence

Coordinate CSOC efforts and reporting with IT, Legal, HR, and other departments

Ensure CSOC compliance with corporate governance, standards, and regulatory requirements

Qualification

Cybersecurity managementCSOC operations leadershipIncident responseThreat assessmentCybersecurity certificationsAnalytical skillsProblem-solving skillsCommunication skillsTeam leadership

Required

U.S. Citizenship Required

Must have the ability to obtain / maintain a DOE L Level or DOE Secret clearance

Degree in computer science, engineering, cybersecurity, information technology, or related field

12 years of experience, may have supervisory or management experience

Cybersecurity experience in roles such as cybersecurity manager, security monitoring, threat and risk assessment, incident response, forensic analysis, offensive testing, controls assessment, vulnerability research or CSOC operations

Understanding of industry cybersecurity standards such as FISMA, NIST 800 series, and regulatory compliance requirements

Demonstrated strategic thinking, CSOC operations leadership, or broad understanding of enterprise risk management

Strong analytical and problem-solving skills and team leadership for investigating and assessing security risks

Excellent verbal and written communications skills and ability to explain complex concepts and cybersecurity situations in concise and easy to understand manner focused both on required compliance and the company's business operations