We're problem solvers first & foremost. PUNCH's origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.
We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.
We back each other up. PUNCH is a supportive place to work. We've worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.
We give back. To those in need. To the community. To the industry.
Does this sound like you?
PUNCH is seeking a seasoned SOC Manager to lead a large-scale, 24/7 Security Operations Center (SOC) in support of a large U.S. Government agency. The SOC includes two major functional units—an operational team (monitoring, detection, and incident response) and a threat analysis team (hunting, malware analysis, intelligence integration). You must possess a SECRET security clearance.
This leadership role is ideal for someone who has operated at scale - running SOCs in complex hybrid (on-prem/cloud) environments—and who understands the tactical, strategic, and organizational levers of effective cyber defense. The ideal candidate is a builder, mentor, and communicator who thrives in high-tempo mission spaces and can manage teams across shifts and specializations.
- Manage the full operational lifecycle of a 24/7 SOC supporting a critical federal mission
- Lead subordinate managers and analysts across SOC Operations and Threat Hunt/Analysis teams
- Drive strategy, staffing, workflow optimization, and process improvement within the SOC
- Oversee incident response activities in alignment with all five functions of the NIST Cybersecurity Framework
- Maintain readiness for hybrid environments (on-premises and cloud infrastructure)
- Coordinate escalations, shift transitions, and analytic coverage across rotating teams
- Communicate with senior government leadership, external mission partners, and internal stakeholders
- Implement and track performance metrics aligned to mission impact and SOC maturity
- Identify risks, gaps, and opportunities for automation, upskilling, and tooling improvements
- Ensure compliance with Treasury security policies and federal standards
- 10+ years of SOC management experience, including 5+ years managing hybrid (on-prem/cloud) SOCs
- 10+ years of experience in incident response across enterprise-scale environments (50,000+ endpoints)
- Deep familiarity with NIST Cybersecurity Framework and federal incident response protocols
- Demonstrated success influencing practices and communicating with senior stakeholders
- Experience leading large, distributed teams in a mission-critical setting
- Experience supporting Department of Treasury or other federal financial agencies
- Familiarity with SIEM, SOAR, EDR, and threat intel platforms
- Active certification such as CISSP, CISM, or GIAC