Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Government and Public Sector - Cybersecurity - Operations and Threat Detection Response - Sr Manager

$170.6k - $390k

Ernst & Young

Senior Manager, Security Operations & Threat Detection and Response – Government & Public Sector From strategy to execution, the Government & Public Sector practice (“GPS”) of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. We deliver real change and measurable results through our diverse, high‑performing teams, quality work at the highest professional standards, operational know‑how from across our global organization, and creative and bold ideas that drive innovation. The opportunity As a Senior Manager in Security Operations & Threat Detection and Response within EY’s Government & Public Sector (GPS) practice, you will lead the strategy, design, transformation, and operation of mission‑critical Security Operations Centers (SOCs) for federal, state, local, and education clients. This role blends strategic cybersecurity advisory, operational leadership, and business development ownership in classified and highly regulated environments, up to the Top Secret (TS) level. You will lead large, complex engagements supported by cleared delivery teams, serve as a trusted advisor to senior government stakeholders, and act as a primary driver of revenue growth for EY’s GPS Threat Detection & Response offerings. This role is expected to lead the modernization of government security operations through AI‑enabled analytics, automation‑driven workflows, and XDR‑led telemetry unification across hybrid and multi‑cloud environments. The Senior Manager will be accountable for transforming traditional SOC models into metrics‑driven, outcome‑oriented operations that improve detection fidelity, reduce response time, and operationalize compliance at scale across mission‑critical federal programs. Your Key Responsibilities Define and drive security operations strategies and target operating models aligned to agency missions, risk tolerance, and regulatory mandates. Design and implement SOC operating models that support cleared, U.S.-based delivery in environments up to the TS level, hybrid architectures, and follow‑the‑sun coverage where permissible. Own engagement delivery outcomes, ensuring services meet EY quality standards, contractual SLAs, and government client expectations. Contribute to the development of EY GPS and global cybersecurity methodologies, assets, and accelerators in Threat Detection & Response. Lead the design and operation of AI‑enabled and automation‑driven SOC capabilities, including agent‑based workflows and advanced analytics that accelerate alert triage, enrichment, and response. Drive XDR‑led detection strategies, unifying telemetry across EDR, NDR, SIEM, identity, cloud, and SaaS platforms into a coherent and prioritized threat detection model. Oversee multi‑cloud and hybrid SOC architectures, integrating Azure, AWS, and on‑prem environments into centralized detection and response operations. Own security operations performance metrics, including MTTD, MTTR, dwell time, alert fidelity, and automation coverage, using these KPIs to drive continuous improvement and executive‑level reporting. Establish fusion across adjacent operational domains, including vulnerability management, identity security, data protection, and threat intelligence, reflecting how GPS programs are funded, governed, and measured. Oversee day‑to‑day SOC operations supporting classified (up to TS) and unclassified environments, including: Threat monitoring, alert triage, and escalation Incident containment, eradication, and recovery coordination Detection engineering, use‑case development, advanced analytics, and tuning across SIEM and XDR platforms Threat hunting and integration of cyber threat intelligence SIEM and SOAR runbook development and optimization Act as Incident Commander and executive escalation point for high‑severity cyber incidents, coordinating response with client leadership and government stakeholders. Integration of automated response and orchestration to reduce analyst burden and improve response consistency. Lead post‑incident reviews using MITRE ATT&CK and adversary‑informed defense techniques to measurably improve detection coverage and response effectiveness. Advise senior government stakeholders on SOC modernization roadmaps, translating operational metrics and detection outcomes into mission risk, compliance posture, and investment justification. Lead SOC assessments and maturity reviews using EY and industry frameworks (e.g., NIST CSF, NIST 800‑53, RMF, ISO 27001). Develop actionable roadmaps to mature clients’ SecOps capabilities across tooling, cleared workforce models, processes, and governance. Prepare and deliver client‑ready proposals, Statements of Work (SoWs), executive briefings, and classified or unclassified presentations as required. Ensure adherence to EY risk management, independence, and quality standards across all engagements. Oversee documentation of SOC procedures, incident records, and governance artifacts to support audits, inspections, and regulatory reviews. Support clients in aligning security operations with public sector mandates and regulations (e.g., FISMA, FedRAMP, CMMC, NIST, Zero Trust). Lead business development efforts for Security Operations, SOC transformation, and managed detection and response engagements across GPS clients. Originate opportunities by building trusted relationships with senior government stakeholders and identifying mission‑driven and regulatory cybersecurity needs. Own and lead end‑to‑end pursuits, including: Opportunity shaping and qualification Solution architecture and cleared delivery model design Pricing, margin management, and risk review RFP/RFI responses, orals, and executive negotiations Serve as the primary relationship lead for assigned accounts, driving account planning, pipeline development, and sustained revenue growth. Lead, mentor, and develop multidisciplinary teams of analysts, engineers, and consultants. Foster an inclusive, collaborative culture aligned with EY values and public service mission outcomes. To qualify for the role you must have Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field; Master’s degree preferred. Typically 8–12+ years of cybersecurity experience, including 4–5+ years in SOC or incident response leadership roles. Must be comfortable working in‑person as needed. Must be able to obtain/maintain a secret level clearance. Experience leading large, complex cybersecurity engagements in consulting or managed services environments. Demonstrated experience supporting government or highly regulated clients. Professional Certifications (highly desirable): 2 or more of: GIAC Security Expert (GSE) preferred or other SANS GIAC certifications

CISSP, CISM, CISA, CRISC

ITIL Foundation or higher Cloud and modern security certifications are an advantage: CCSP, Microsoft SC 200/SC 100, Azure Security Engineer AWS Security Specialty, Google Professional Cloud Security Engineer Due to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites. Our goal is to assign professionals to projects within a commutable distance of their work location office. In certain circumstances, travel may be required beyond your work location based on client and project needs. Candidates should be willing to travel 20 – 30% or more. Ideally, you’ll also have Proven ability to lead client engagements end‑to‑end while owning pipeline and revenue growth. Strong commercial acumen, including pricing, margin management, and risk governance. Executive‑level communication, stakeholder management, and negotiation skills. Ability to operate calmly and decisively during high‑pressure cyber incidents. Deep understanding of SOC operations (Tier 1–3), incident response lifecycle, and threat hunting. Demonstrated ability to make senior‑level technical decisions across detection engineering, incident response, and adversary tradecraft in complex government environments. An active U.S. security clearance is required due to the nature of government client work. Top Secret (TS) clearance is highly preferred. What We Offer You Comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $170,600 to $390,000. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $204,800 to $443,200. Individual salaries within those ranges are determined through a variety of factors including, but not limited to, education, experience, knowledge, skills and geography. Medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Hybrid work model with expectation to work in person 40‑60% of the time over the course of an engagement, project or year. Flexible vacation policy allowing you to decide how much vacation time you need based on your personal circumstances, with time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your well‑being. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please contact EY Talent Shared Services Team as indicated in the company resources. #J-18808-Ljbffr EY

Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Government and Public Sector - Cybersecurity - Operations and Threat Detection Response - Sr Manager in Mc Lean, VA vacancy
  • EY in McLean, VA seeks a Senior Manager to lead Security Operations, Threat Detection and Response for Government & Public Sector. You will guide strategy, design, and operation of mission-critical SOCs for federal, state, and education clients, including TS-level environments... 
    Operations
    Senior

    EY

    Mc Lean, VA
    3 days ago
  • Terrestris Global Solutions in Washington, DC is seeking a Senior Security Operations Analyst to monitor and respond to cybersecurity threats. The candidate will analyze security events, manage incident response, and support the National Indian Gaming Commission's cybersecurity... 
    Operations
    Senior

    Terrestris Global Solutions

    Washington DC
    15 hours ago
  • $100k - $120k

     ...private‑ and public‑sector clients...  ...this position: Sr. Cybersecurity Incident Response Specialist Location...  .... Develop operational baselines...  ...Prepare and manage playbooks...  ...800‑61 and Government guidance. Follow...  ...to augment detection of network...  ...understanding of threat actor TTPs,... 
    Operations
    Senior
    Full time
    Contract work
    Work at office
    Local area

    Bering Straits Native Corporation (BSNC)

    Washington DC
    15 hours ago
  • $132.5k - $338.3k

     ...an experienced Threat Informed Defense Senior Manager to an already outstanding...  ..., protect, detect, respond to,...  ..., hunting, and response across...  ...intelligence programs, govern analytic and...  ...hunting, or security operations, with...  ...computer science, cybersecurity, data engineering... 
    Operations
    Senior
    Work experience placement
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    3 days ago
  • $130k - $170k

    ActioNet, Inc. is seeking a Tier 3 Cybersecurity Analyst in Rockville, MD. This...  ...technical position focuses on advanced threat detection, incident response, and forensic analysis within a...  ...integrating threat intelligence into operations. The salary range is $130k-$170k.... 
    Operations
    Senior

    ActioNet, Inc.

    Rockville, MD
    3 days ago
  •  ...seeking a Senior Incident Response Analyst to join our Security Operations Center. This hybrid position...  ...will involve monitoring, detecting, and responding to cybersecurity threats affecting a large-scale...  ...especially within mission-critical government programs. Qualified... 
    Operations
    Senior

    Tetrad Digital Integrity

    Arlington, VA
    4 days ago
  •  ...(TDI) is a cybersecurity firm built for...  ...effectively manage risk & the...  ...Senior Incident Response Analyst to...  ...-critical government program. As...  ...the Security Operations Center, you...  ...help monitor, detect, investigate...  ...cybersecurity threats affecting a...  ...to obtain Public Trust clearance... 
    Operations
    Senior

    TDI (Tetrad Digital Integrity)

    Arlington, VA
    4 days ago
  • $161.9k - $218.6k

     ..., we're seeking a Sr. Product Marketing Manager (PMM) who can shape...  ...future of cloud cybersecurity. As the world's leading...  ...domains - from threat detection and network...  ...for you. Key job responsibilities * Partner with product...  ...cybersecurity, security operations, networking,... 
    Operations
    Senior
    Local area
    Flexible hours

    Amazon

    Arlington, VA
    4 days ago
  •  ...processing, triage, threat analysis, and response to cyber...  ...Systems (ICS), Operational technology (OT),...  ...infrastructure sectors. Practical experience...  ...currently hiring Sr Industrial...  ...procedures (TTPs) for detecting and responding...  ...findings for senior US government intelligence and... 
    Operations
    Senior
    Currently hiring

    Peraton

    Arlington, VA
    3 days ago
  • $229.9k - $262.4k

     ...Product Senior Manager, Endpoint...  ...days ago. Full responsibilities, required...  ...game-changing cybersecurity solutions based on threat, data, and...  ...engineering and operations partners,...  ...-driven detection and response...  ...allowlisting or device governance.* Strong...  ...262,400 for Sr Manager,... 
    Operations
    Senior
    Full time
    Part time
    H1b
    Local area

    TryApplyNow

    Mc Lean, VA
    3 days ago
  •  ..., protect, detect, respond, and...  ...lifecycle. Cybersecurity challenges...  ...security operations center, we...  ...the security sector’s brightest...  ...security, and managed service...  ...systems secure, governed, and...  ...detection systems, threat models, and...  .... Key Responsibilities Lead AI... 
    Operations
    Senior
    Work experience placement
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    1 day ago
  • $100k - $120k

     ...SkyePoint Decisions is a leading Cybersecurity Architecture and...  ...Critical Infrastructure and Operations, and Applications...  ...challenges faced by our federal government clients. Our focus is on...  ...Decisions is seeking a Incident Detection/Response Manager (SOC Manager) to join our... 
    Operations
    Contract work
    Remote work
    Shift work

    SkyePoint Decisions

    Washington DC
    14 days ago
  • $150k - $201.6k

     ...Security Engineer, Threat Response . This position...  ...our Security Operations Center (SOC), incident...  ...activities to detect unknown and...  ...Work with other cybersecurity teams to improve...  ...solutions for four sectors: Technology &...  ...of the date of publication and may be modified... 
    Operations
    Senior
    Temporary work
    Remote work
    Flexible hours

    Orrick, Herrington & Sutcliffe LLP

    Washington DC
    15 hours ago
  • $125.3k - $233k

     ...next‑generation detection and...  ...adversaries and manage massive data scales...  ...knowledge of threat modeling with...  ...for automated response. Design interfaces...  ...security, and governance strategies for...  ..., and operating AI/ML models while...  ...Knowledge of cybersecurity operations, detection... 
    Operations
    Senior
    Local area

    Phase2 Technology

    Mc Lean, VA
    4 days ago
  • $109k - $124.4k

     ...Associate, Cyber Governance & Risk -...  ...tough cybersecurity problems in...  ...development and IT operations, and have...  ...and detection tools, data...  ...configuration management. You are familiar...  ...to a team responsible for...  ...vulnerabilities, threats, controls,...  ...24,400 for Sr. Assoc,... 
    Operations
    Senior
    Full time
    Part time
    H1b
    Local area

    Capital One National Association

    Mc Lean, VA
    2 days ago
  • $70 - $85 per hour

     ...highly skilled Network Detection & Response (NDR) Architect to...  ...This role is ideal for a cybersecurity professional who excels in threat detection, network architecture...  ...teams. Ensure NDR operations meet compliance...  ...supporting audits and governance. Technical Expertise... 
    Operations
    Contract work

    Seneca Resources

    Arlington, VA
    3 days ago
  • $104.8k - $192.2k

     ...working world. Government and Public Sector – Cybersecurity – Penetration...  ...professional standards, operational know-how from...  ..., delivering and managing engagements to assess...  ....  Your key responsibilities  Our...  ...identify potential threats and vulnerabilities... 
    Operations
    Senior
    For contractors
    Summer holiday
    Work at office
    Local area
    Flexible hours

    Ernst & Young

    McLean, VA
    10 days ago
  • $170.7k - $190.8k

    Senior Manager, Security Operations (Hybrid) Senior Manager...  ...Operations, is responsible for ensuring the...  ...effectively to threats, and mature...  ...monitoring, threat detection, vulnerability...  ...core security governance activities while...  ...Provide strategic cybersecurity guidance and... 
    Operations
    Senior
    Work at office
    Remote work
    Flexible hours

    The Pew Charitable Trusts

    Washington DC
    1 day ago
  •  ...Sr. Channel Account Manager Shape the future of cybersecurity at Forescout. Every day cyberattacks...  ...organizations, government agencies, and...  ..., and mitigate threats. From power...  ...50% travel. Responsibilities include the following...  ...on strategy, operations, and go to... 
    Operations
    Senior
    Worldwide

    Forescout Technologies Inc.

    Washington DC
    6 hours ago
  • ActioNet is seeking a Tier 3 Cybersecurity Analyst in Rockville, MD to lead advanced incident detection and response within the SOC. The role focuses on threat hunting, forensic analysis, and integrating...  ...sophisticated threats impacting government systems. The incumbent will... 
    Senior

    ActioNet

    Rockville, MD
    3 days ago
  • $170.6k - $390k

     ...Join EY’s Cybersecurity consulting practice...  ...leader responsible for designing,...  ...implementing, and governing secure network...  ...and security operations teams. Join...  ...team as a Senior Manager in...  ...against a myriad of threats while leading...  ...transactions. Fueled by sector insights, a... 
    Operations
    Senior
    Summer holiday
    Remote work
    Flexible hours

    EY

    Arlington, VA
    2 days ago
  •  ...modernization and elite cybersecurity solutions. We...  ...an evolving threat environment....  ...for a Public Trust clearance...  ...Senior IT Project Manager -...  ...project manager responsible for directing...  ...cybersecurity governance, risk, and compliance...  ...cybersecurity operations and seamless handoffs... 
    Operations
    Senior
    Contract work
    For subcontractor
    Work at office

    APTNEXUS

    Washington DC
    3 days ago
  • A premier cybersecurity firm in Arlington, VA is seeking a Cyber Network Defense Analyst. The role involves monitoring network activity, analyzing threats, and coordinating with cyber defense teams. Candidates should have 8+ years of cyber defense analysis experience and... 
    Senior

    Nightwing

    Arlington, VA
    3 days ago
  • $132.5k - $338.3k

     ...prepare, protect, detect, respond and...  ...lifecycle. Cybersecurity challenges...  ...entire security operations center, we...  ...the security sector’s brightest people...  ...security and managed service...  ...the following responsibilities: Provides solutions...  ...security governance (security... 
    Operations
    Senior
    Work experience placement
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    3 days ago
  •  ...JPMorganChase within the Cybersecurity & Technology Controls Incident Management & Response team, you will serve...  ...Center and Security Operations Center, providing 24/...  ...against evolving threats. If you are passionate...  ...corporate, institutional and government clients under the J.P... 
    Operations

    J.P. Morgan

    Washington DC
    9 hours ago
  • $150k

     ...Technology services to government clients in support of critical...  ...of Infrastructure Operations, Application Development, Cybersecurity, Virtualization, Cloud...  ...a Senior Capture Manager to join our team in supporting...  ...Manager will be responsible for managing the full capture... 
    Operations
    Senior
    Contract work
    Temporary work
    For subcontractor
    Local area
    Relocation package

    Link Solutions

    McLean, VA
    4 days ago
  •  ...professional to oversee fraud detection and risk operations for a large federal...  ...Director of Program Management, this role is responsible for oversight, monitoring...  ..., local, and private sector counterparts to understand...  ...in a health plan, government agency, or large healthcare... 
    Operations
    Senior
    Contract work
    Work at office
    Local area
    Flexible hours

    Serco

    McLean, VA
    3 days ago
  •  ...thrives here. Responsibilities Lead incident response...  ...all observed threats and document all...  ...& system operations to ensure effective...  ...Act as incident manager for all declared...  ...education 8+ years of cybersecurity investigation...  ...EDR tools for detection and response It... 
    Operations
    Senior
    Flexible hours

    Donnelley Financial, LLC

    Rockville, MD
    3 days ago
  •  ...You will be responsible for building...  ...centers and public cloud environments...  ...proactive threat detection. Duties and...  ...Engineering: Build and manage secure...  .../ML Security Governance (Adversarial...  ...of Security Operations: Drive the...  ...a technical Cybersecurity Engineering role... 
    Operations
    Senior
    Permanent employment
    Casual work

    PLANIT Group

    Falls Church, VA
    5 days ago
  •  ...Trust Architect to design and implement cybersecurity solutions for the U.S. Government. The role requires extensive experience in IT operations and cybersecurity, particularly in Zero Trust methodologies. Key responsibilities include developing roadmaps, coordinating... 
    Operations
    Senior

    Phase2 Technology

    Mc Lean, VA
    15 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Government and Public Sector - Cybersecurity - Operations and Threat Detection Response - Sr Manager. Be the first to apply!