SOC Technical Lead

ManTech seeks a motivated, career and customer- oriented SOC Technical Lead in McLean, VA. This position may require occasional local travel to Herndon, VA.  The SOC Technical Lead will provide technical leadership and subject matter expertise for incident response and analysis. Lead a team of Cyber Operations experts and help to protect the most coveted target in the world. Responsibilities include, but are not limited to:Serve as Technical Lead for Incident Analysis, providing subject matter expertise in incident response operations to include incident investigations, analysis and process improvement.Oversee the execution of investigations to ensure thoroughness, accuracy, and completeness and assist with tickets and investigations as neededIn coordination with management, recognize, adopt, and instill best practices in security engineering fields throughout the organizationContinuously evaluate, shape, and make necessary changes to improve the efficiency and effectiveness of the Incident Response programProvide technical/analytical recommendations for improvement to the program of recordPerform Risk Management activities and analysis and recommend mitigations to address identified risks and issuesOwn and facilitate exercise drill execution and planningInstill accountability for incident analysis to all levels of the contract team and ensure expectations are effectively communicated to the team Minimum Requirements:Bachelor’s degree in a technical field and 8+ years of experience as a cyber security analyst, incident responder, or other closely related cyber security role, or High School Diploma and 12+ years of experience5+ years of experience with SIEM, Windows and Linux Internals, NIST 800-53 and NSM-81+ years’ experience leading a teamExperience responding to on-net cyber-attacks, such as, adversary credential breaches, account creations, shell or reverse shell usage, exfiltration, or similarRelevant certifications in cyber investigations, incident response, or cyber analysis, such as GCFE, GREM, OSCP, or similarPreferred Qualifications:11+ years of experience performing SOC incident response duties within the Intelligence Community2+ years performing incident detection, response, or forensics in AWS, Azure, GCP, or OCIExperience with network forensicsClearance Requirements:Active/current TS/SCI with Polygraph is required for this position Physical Requirements:Must be able to remain in a stationary position 50%

Created: 2025-09-23