Provide technical and operational leadership for the Cyber Defense Security Operations Center supporting U.S. Government SaaS deployments, including air-gapped environments
Oversee 24x7 monitoring operations, incident response coordination, escalation management, and continuous improvement of SOC processes and capabilities
Lead a team of SOC Analysts, ensure high-quality investigations, oversee detection engineering collaboration
Drive automation initiatives leveraging platforms such as Splunk and SOAR technologies (e.g., Tines)
Interface with Red, Blue, Purple Teams and Threat Intelligence to maintain an integrated cyber defense posture
Communicate risk effectively to leadership.

10+ years of experience in cybersecurity operations, incident response, or threat detection
5+ years of experience leading or mentoring security operations personnel
Deep experience operating and tuning SIEM platforms such as Splunk
Experience managing incident response lifecycle activities aligned to NIST SP 800-61r3
Experience supporting secure cloud environments and/or air-gapped networks
Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or equivalent experience
Strong understanding of adversary TTPs and MITRE ATT&CK framework
Experience with SOAR platforms (e.g., Tines) and security automation
Proven ability to manage escalations and high-severity incidents
Experience developing KPIs, SLAs, and operational metrics
Strong critical thinking and decision-making skills under pressure
Ability to coordinate cross-functional teams (Red, Blue, Engineering, Compliance)
Excellent written and verbal communication skills
Experience building and improving SOC playbooks and runbooks
Certifications meeting DoD 8570 requirements.

Principal Cyber Security Engineer, SOC Lead

Key skills