Cybersecurity Manager (SOC Lead)

As a leader of the Security Operations Center (SOC) team, in support of the Virginia Information Technology Agency (VITA), a Cybersecurity Manager (SOC Lead) will be responsible for overseeing security operations, managing a team of analysts, ensuring efficient incident response, and continuously improving our security posture. This role requires strong leadership, deep technical expertise, and strategic thinking to protect the organization from cyber threats effectively.

Leadership & Management:

• Lead and mentor SOC analysts (Tier 1 – Tier 3), ensuring continuous development and high performance
• Develop and implement operational strategies to enhance SOC efficiency and effectiveness
• Establish clear objectives, KPIs, and performance metrics to measure SOC success
• Coordinate with stakeholders across IT, security, and business units to align security operations with organizational goals
• Manage SOC staffing, scheduling, and resource allocation to ensure 24/7 coverage

Security Operations & Incident Response:

• Oversee real-time monitoring, detection, and response to security incidents
• Develop and enforce standard operating procedures (SOPs) for incident response, escalation, and resolution
• Lead major incident investigations and coordinate with internal/external stakeholders
• Conduct regular tabletop exercises, red/blue team drills, and threat-hunting activities

Threat Intelligence & Risk Management:

• Monitor and analyze emerging threats, vulnerabilities, and attack trends
• Implement proactive threat intelligence strategies to enhance SOC capabilities
• Ensure compliance with industry regulations, frameworks (e.g., NIST, ISO 27001), and best practices
• Manage SOC technology stack, including SIEM, EDR, IDS/IPS, and SOAR solutions

Training & Continuous Improvement:

• Develop training programs to upskill SOC analysts and improve threat detection capabilities
• Establish and maintain documentation for processes, playbooks, and knowledge sharing
• Drive automation and process improvements to enhance SOC efficiency
• Conduct post-incident reviews and implement lessons learned

WHAT YOU’LL NEED TO SUCCEED:

• Bachelor’s degree in Cybersecurity, Computer Science, or a related field (or equivalent experience)
• 5+ years in cybersecurity with 3+ years in a SOC leadership role
• Strong understanding of SIEM, EDR, IDS/IPS, firewalls, and cloud security tools
• Knowledge of attack frameworks (MITRE ATT&CK), threat intelligence, and forensics
• Experience with scripting and automation (Python, PowerShell) is a plus
• Familiarity with compliance standards (NIST 800-53, ISO 27001, PCI-DSS, etc.)
• Certifications: CISSP, CISM, GIAC (GCIA, GCIH), or equivalent certifications preferred

NICE TO HAVE:

• Excellent leadership, communication, and conflict resolution skills
• Ability to manage high-pressure situations and make critical security decisions
• Strong analytical and problem-solving abilities
• Experience working in a 24/7 operational environment

LOCATION:

• Hybrid at GDIT's Integrated Technology Center in Bossier City, LA

GDIT IS YOUR PLACE:
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

• Growth: AI-powered career tool that identifies career steps and learning opportunities
• Support: An internal mobility team focused on helping you achieve your career goals
• Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
• Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.