Security Operations Center Subject Matter Expert (SOC/SME) - USSOCOM Zero Trust

Kentro

Tampa, Florida

JOB DETAILS
JOB TYPE
Full-time
SKILLS
Automation, Bash Scripting, Best Practices, CISSP - Certified Information Systems Security Professional, Capability Maturity Model Integration (CMMI), Cloud Computing, Community Support, Computer Security, Consulting, Customer/Consumer Behavior, Database Administration, Defense Information Systems Agency (DISA), Diversity, DoD Directive 8140, DoD Directive 8570, Enterprise Architecture, Enterprise Protection, Establish Priorities, Foundation Grants, Government, Hunting, IAT - Information Assurance Technical, ISO (International Organization for Standardization), Identify Issues, Incident Response, Information/Data Security (InfoSec), Internet Security, Java, Machine Learning, Microsoft .NET, Microsoft Certifications, Microsoft Product Family, Microsoft Windows Operating System, National Security Agency (NSA), Network Administration/Management, Network Security, Office Equipment, Operational Audit, Operational Improvement, Operations Planning, Operations Security (OPSEC), People Management, Performance Analysis, Perl Programming Language, Physical Demands, Presentation/Verbal Skills, Problem Solving Skills, Process Improvement, Project Management Professional (PMP), Python Programming/Scripting Language, Reimbursement, Requirements Management, Scripting (Scripting Languages), Security Analysis, Security Information and Event Management (SIEM), Sensitive Compartmented Information (SCI), Small Company, Splunk, Team Player, Technical Delivery, Technical Leadership, Technical Operations, Telemetry, Time Management, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST), United States Citizen, United States Department of Defense (DoD), Unix Operating Systems, Use Cases
LOCATION
Tampa, Florida
POSTED
3 days ago
Overview:

Thank you for considering IT Concepts dba Kentro, where innovation drives opportunity and collaboration leads to success. Our dynamic community of experts is fully committed to advancing our customers' missions, fostering professional growth, and making a positive impact on our communities. By joining our supportive community, you will find that Kentro is dedicated to your personal and professional development. Together, we can drive meaningful change, spark innovation, and achieve extraordinary milestones.

 

Kentro is seeking a highly technical Security Operations Center (SOC) Subject Matter Expert (SME) to lead the design, implementation, integration, and optimization of User and Entity Behavior Analytics (UEBA) and Security Orchestration, Automation, and Response (SOAR) capabilities in support of the USSOCOM Enterprise Data, Applications, and Training (EDAT) Zero Trust initiative. This position serves as the senior technical authority responsible for advancing the Department of Defense (DoD) Zero Trust Visibility & Analytics and Automation & Orchestration pillars by delivering innovative security operations capabilities that improve threat detection, response automation, and enterprise cyber resilience.

 

The SOC SME will architect and implement advanced analytics and automated response workflows that integrate with enterprise security technologies, including SIEM, endpoint detection and response (EDR/XDR), identity providers, network security tools, cloud platforms, and data protection solutions. This role will work closely with Zero Trust architects, cyber engineers, data security engineers, identity engineers, and government stakeholders to ensure security telemetry is normalized, correlated, and actionable across the USSOCOM enterprise.

 

As the technical lead for SOC modernization efforts, the SME will provide Tier III and Tier IV engineering support, troubleshoot complex security incidents, develop automated response playbooks, and engineer advanced detection use cases leveraging behavioral analytics, machine learning, and threat intelligence. The successful candidate will drive the implementation of continuous monitoring, automated incident response, and proactive threat hunting capabilities while ensuring alignment with the DoD Zero Trust Strategy, NIST Cybersecurity Framework, RMF, and DISA Security Technical Implementation Guides (STIGs).

 

Location: Onsite in Tampa, FL

Responsibilities:
  • Working with the customer and other support contracts to ensure timely and reliable integration of Zero trust efforts.
  • Working collaboratively with other ISSOs and key stakeholders to the RMF process.
  • Creating and managing RMF artifacts and the entire ATO lifecycle.
  • Coordinating with Cybersecurity SMEs to identify requirements and process improvements.
  • Assisting cybersecurity assessors as required.
  • Interpreting DISA STIG requirements.
  • Acts as a member of a team, supporting teammates and collaborating with a “do what it takes” attitude to ensure product and team success.
  • Hands on approach to performing your own assessments with enclave and network infrastructure devices.
  • Ensuring product quality and timeliness of work, providing advice and guidance, resolving problems to meet objectives, and providing periodic performance reports.
  • Provide input on best practices and procedures.
  • Developing new and refining existing processes to enhance quality and productivity.
Qualifications:
  • Education: Master’s degree or 6+ additional years of cybersecurity experience in lieu of a degree and PMP certification.
  • Experience: 12+ years of experience in an enterprise and/or cybersecurity-focused environment.
  • Technical Skills: 
    • Experience with Splunk administration and engineering.
    • Experience with Splunk Enterprise Security (ES) operations and configurations.
    • Experience with Splunk telemetry integration, workflow engineering, and tuning
    • Experience with Microsoft enterprise environment administration and engineering.
    • Experience with Microsoft Enterprise Security (ES) operations and configurations.
    • Experience with Microsoft UEBA/SOAR telemetry integration, workflow engineering, and tuning
    • Proficiency with Unix and Windows environments.
  • Certifications: Active DoD 8570 IAT Level III/ DoW 8140 (511) Advanced certification (e.g., CISSP) required.
  • Physical Requirements:
    • Must be able to remain in a stationary position 50% of the time.

    • Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers via email, phone, or virtual communication, which may involve delivering presentations.

Preferred Qualifications:  

  • Splunk certifications such as Splunk Certified Cybersecurity Defense Architect, Splunk Enterprise Certified Architect, Splunk Certified Cybersecurity Defense Engineer, Splunk Core Certified Advanced Power User, Splunk Core Certified Consultant
  • Microsoft certifications such as SC-100: Microsoft Cybersecurity Architect; SC-200 Microsoft Security Operations Analyst
  • Experience with scripting or programming languages (e.g., Bash, Python, Java, Perl, .NET).
  • Familiarity with developing and deploying operational and security use cases within Splunk.
  • Familiarity with DoW & NSA Zero Trust Guidance
  • Familiarity with DoW RMF ATO process and answering controls
  • Familiarity with USSOCOM SOFNET

Clearance Requirement:

  • Active TS/SCI
  • Must be a US Citizen
Benefits:

The Company

We believe in generating success collaboratively, enabling long-term mission success, and building trust for the next challenge. With you as our partner, let’s solve challenges, think innovatively, and maximize impact. As a valued member of our team, you have the unique opportunity to work in a diverse range of technology and business career paths, all while supporting our nation and delivering innovative technology solutions. We are a close community of experts that pride ourselves on creating an environment defined by teamwork, dedication, and excellence.

 

We hold three ISO certifications (27001:2013, 20000-1:2011, 9001:2015), two CMMI ML 3 ratings (DEV and SVC) and CMMC Level 2 Certification.

 

Industry Recognition

Growth | Inc 5000’s Fastest Growing Private Companies, DC Metro List Fastest Growing; Washington Business Journal: Fastest Growing Companies, Top Performing Small Technology Companies in Greater D.C.

Culture | Northern Virginia Technology Council Tech 100 Honoree; Virginia Best Place to Work; Washington Business Journal: Best Places to Work, Corporate Diversity Index Winner – Mid-Size Companies, Companies Owned by People of Color; Department of Labor’s HireVets for our work helping veterans transition; SECAF Award of Excellence finalist; Victory Military Friendly Brand; Virginia Values Veterans (V3); Cystic Fibrosis Foundation Corporate Breath Award

 

Benefits

We offer competitive benefits package including paid time off, healthcare benefits, supplemental benefits, 401k including an employer match, discount perks, rewards, and more.  We invest in our employees – Every employee is eligible for education reimbursement for certifications, degrees, or professional development.  Reimbursement amounts may fluctuate due to IRS limitations. We want you to grow as an expert and a leader and offer flexibility for you to take a course, complete a certification, or other professional growth and networking. We are committed to supporting your curiosity and sustaining a culture that prioritizes commitment to continuous professional development.

We work hard; we play hard. Kentro is committed to incorporating fun into every day. We dedicate funds for activities – virtual and in-person – e.g., we host happy hours, holiday events, fitness & wellness events, and annual celebrations. In alignment with our commitment to our communities, we also host and attend charity galas/events. We believe in appreciating your commitment and building a positive workspace for you to be creative, innovative, and happy.

 

Commitment Equal Opportunity Employment & VEVRAA

Kentro is an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state or local law.

Kentro is strongly committed to compliance with VEVRAA and other applicable federal, state, and local laws governing equal employment opportunity. We have developed comprehensive policies and procedures to ensure our hiring practices align with these requirements.

As part of our VEVRAA compliance efforts, Kentro has established an equal opportunity plan outlining our commitment to recruiting, hiring, and advancing protected veterans. This plan is regularly reviewed and updated to ensure its effectiveness.

We encourage protected veterans to self-identify during the application process. This information is strictly confidential and will only be used for reporting and compliance purposes as required by law. Providing this information is voluntary and will not impact your employment eligibility.

Our commitment to equal employment opportunity extends beyond legal compliance. We are dedicated to fostering an inclusive workplace where all employees, including protected veterans, are treated with dignity, respect, and fairness.

 

How to Apply

To apply to Kentro Positions- Please click on the job link and then click the blue “Apply” button at the top right of Job Description. Please upload your resume and complete all the application steps. You must fully submit the application for Kentro to consider you for a position.  If you need alternative application methods, please email

careers@kentro.us

and request assistance.  

 

Accommodations

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. If you need to discuss reasonable accommodations, please email

careers@kentro.us

.  

About the Company

K

Kentro