Security Operations Center (SOC) Manager (Clearance Required) - Future Opportunity

ICF

San Jose, California

JOB DETAILS
SKILLS
Analysis Skills, ArcSight, Artificial Intelligence (AI), Automation, CSIH - Computer Security Incident Handler, Communication Skills, Computer Security, Continuous Improvement, Cross-Functional, DoD Clearance, Federal Contracts, Financial Trend Analysis, Government, Human Resources, Incident Response, Information Technology & Information Systems, Integrated Circuits (ICs), Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Leadership, Leading Edge Technology, Metrics, Network Administration/Management, Network Monitoring, Network Security, Operational Audit, Organizational Skills, Patient Assessment, Performance Metrics, Presentation/Verbal Skills, Process Improvement, Project/Program Management, Security Attacks, Security Clearance, Security Information and Event Management (SIEM), Splunk, Standard Operating Procedures (SOP), Team Lead/Manager, Technical Support, Time Management, Training Program, Training/Teaching, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), United States Citizen, United States Department of Defense (DoD), Use Cases, Web Application Framework
LOCATION
San Jose, California
POSTED
30+ days ago

ICF is seeking an experienced Security Operations Center (SOC) Manager to support a Defense Human Resources Activity (DHRA) cybersecurity program. In this role, you will oversee 24/7 SOC operations, lead a team of analysts performing detection, triage, and escalation, and ensure effective coordination of incident response activities. The SOC Manager develops playbooks, implements monitoring and reporting procedures, and provides regular situational awareness updates to Government stakeholders to strengthen the agency’s cyber defense posture.

This is for a potential future opportunity. This position will be based onsite in Seaside, CA.

What You’ll Do

  • Manage day-to-day SOC operations, ensuring continuous monitoring of DHRA networks and systems for security events and anomalies.

  • Lead SOC analysts performing event detection, triage, escalation, and coordination with incident response teams.

  • Develop, implement, and maintain SOC standard operating procedures (SOPs), playbooks, and escalation protocols.

  • Ensure timely and accurate analysis of alerts from SIEM, endpoint, and network monitoring tools.

  • Coordinate with cybersecurity, IT operations, and RMF teams to ensure an integrated defense posture and rapid response to incidents.

  • Oversee SOC training programs, ensuring analyst proficiency in threat detection, correlation, and response processes.

  • Conduct root-cause and trend analysis on incidents to identify systemic vulnerabilities and areas for improvement.

  • Prepare daily, weekly, and monthly operational reports and briefings for Government stakeholders.

  • Advise leadership on emerging threats, attack trends, and SOC performance metrics.

  • Drive continuous improvement of monitoring coverage, use cases, and automation within SOC tools and workflows.

Required Qualifications

  • Bachelor’s degree is required

  • 10 years of experience in cybersecurity operations, analysis, and/or incident response, including at least 3 years in a supervisory or team lead capacity.

  • Active DOD security clearance.

  • US Citizenship required by federal contract.

  • One of the following certifications:

    • CBROPS

    • CFR

    • CySA+

    • GCFA

    • GCIA 

    • GICSP

    • Elastic/Splunk certifications

Desired Qualifications

  • Master’s degree in cybersecurity, information systems, or a related technical field.

  • Demonstrated expertise managing SOC or NOC operations in a DoD or Federal environment.

  • Experience with SIEM, IDS/IPS, endpoint detection, and incident response tools.

  • Proven ability to coordinate cross-functional teams during incident response and recovery.

  • Experience managing a 24/7 SOC supporting DoD, IC, or federal missions.

  • Familiarity with tools such as Splunk, ArcSight, Elastic, Tenable, and SOAR platforms.

  • Knowledge of MITRE ATT&CK, DoD Cyber Threat Framework, and NIST 800-61 (Computer Security Incident Handling Guide).

  • Experience implementing SOC metrics, KPIs, and automation strategies.

  • Strong leadership, communication, and presentation skills, with the ability to brief senior Government officials.

#icfns

Working at ICF

ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future.

We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy.

We will consider for employment qualified applicants with arrest and conviction records.

 

Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email 

Candidateaccommodation@icf.com

 and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent  to provide needed reasonable accommodations.  

Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act. 

 

Candidate AI Usage Policy

At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.  

However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at 

candidateaccommodation@icf.com

. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed. 


 

Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.

The pay range for this position based on full-time employment is:

$130,687.00 - $222,169.00

California Client Office (CA88)

About the Company

I

ICF

ICF (NASDAQ:ICFI) is a global consulting and technology services provider with more than 5,000 professionals focused on making big things possible for our clients. We are business analysts, policy specialists, technologists, researchers, digital strategists, social scientists and creatives. Since 1969, government and commercial clients have worked with ICF to overcome their toughest challenges on issues that matter profoundly to their success. Come engage with us at icf.com.

COMPANY SIZE
5,000 to 9,999 employees
INDUSTRY
Computer/IT Services
FOUNDED
1969
WEBSITE
https://www.icf.com/