Security Operations Center Program Manager

About PUNCH: We're problem solvers first & foremost. PUNCH's origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.We back each other up. PUNCH is a supportive place to work. We've worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.We give back. To those in need. To the community. To the industry.Does this sound like you? Role Overview: PUNCH is seeking a seasoned SOC Manager to lead a large-scale, 24/7 Security Operations Center (SOC) in support of a large U.S. Government agency. The SOC includes two major functional units—an operational team (monitoring, detection, and incident response) and a threat analysis team (hunting, malware analysis, intelligence integration). You must possess a SECRET security clearance. This leadership role is ideal for someone who has operated at scale - running SOCs in complex hybrid (on-prem/cloud) environments—and who understands the tactical, strategic, and organizational levers of effective cyber defense. The ideal candidate is a builder, mentor, and communicator who thrives in high-tempo mission spaces and can manage teams across shifts and specializations. Responsibilities: - Manage the full operational lifecycle of a 24/7 SOC supporting a critical federal mission - Lead subordinate managers and analysts across SOC Operations and Threat Hunt/Analysis teams - Drive strategy, staffing, workflow optimization, and process improvement within the SOC - Oversee incident response activities in alignment with all five functions of the NIST Cybersecurity Framework - Maintain readiness for hybrid environments (on-premises and cloud infrastructure) - Coordinate escalations, shift transitions, and analytic coverage across rotating teams - Communicate with senior government leadership, external mission partners, and internal stakeholders - Implement and track performance metrics aligned to mission impact and SOC maturity - Identify risks, gaps, and opportunities for automation, upskilling, and tooling improvements - Ensure compliance with Treasury security policies and federal standards Required Qualifications:- Bachelor's degree (or 3 additional years of experience in lieu of degree) - 10+ years of SOC management experience, including 5+ years managing hybrid (on-prem/cloud) SOCs - 10+ years of experience in incident response across enterprise-scale environments (50,000+ endpoints) - Deep familiarity with NIST Cybersecurity Framework and federal incident response protocols - Demonstrated success influencing practices and communicating with senior stakeholders - Experience leading large, distributed teams in a mission-critical setting Preferred: - Experience supporting Department of Treasury or other federal financial agencies - Familiarity with SIEM, SOAR, EDR, and threat intel platforms - Active certification such as CISSP, CISM, or GIAC

Created: 2026-02-10