Government and Public Sector - Cybersecurity - Operations and Threat Detection Response - Sr Manager
$170.6k - $390kErnst & Young
Senior Manager, Security Operations & Threat Detection and Response – Government & Public Sector From strategy to execution, the Government & Public Sector practice (“GPS”) of Ernst & Young provides a full range of consulting and audit services to help our Federal, State, Local and Education clients implement new ideas to help achieve their mission outcomes. We deliver real change and measurable results through our diverse, high‑performing teams, quality work at the highest professional standards, operational know‑how from across our global organization, and creative and bold ideas that drive innovation. The opportunity As a Senior Manager in Security Operations & Threat Detection and Response within EY’s Government & Public Sector (GPS) practice, you will lead the strategy, design, transformation, and operation of mission‑critical Security Operations Centers (SOCs) for federal, state, local, and education clients. This role blends strategic cybersecurity advisory, operational leadership, and business development ownership in classified and highly regulated environments, up to the Top Secret (TS) level. You will lead large, complex engagements supported by cleared delivery teams, serve as a trusted advisor to senior government stakeholders, and act as a primary driver of revenue growth for EY’s GPS Threat Detection & Response offerings. This role is expected to lead the modernization of government security operations through AI‑enabled analytics, automation‑driven workflows, and XDR‑led telemetry unification across hybrid and multi‑cloud environments. The Senior Manager will be accountable for transforming traditional SOC models into metrics‑driven, outcome‑oriented operations that improve detection fidelity, reduce response time, and operationalize compliance at scale across mission‑critical federal programs. Your Key Responsibilities Define and drive security operations strategies and target operating models aligned to agency missions, risk tolerance, and regulatory mandates. Design and implement SOC operating models that support cleared, U.S.-based delivery in environments up to the TS level, hybrid architectures, and follow‑the‑sun coverage where permissible. Own engagement delivery outcomes, ensuring services meet EY quality standards, contractual SLAs, and government client expectations. Contribute to the development of EY GPS and global cybersecurity methodologies, assets, and accelerators in Threat Detection & Response. Lead the design and operation of AI‑enabled and automation‑driven SOC capabilities, including agent‑based workflows and advanced analytics that accelerate alert triage, enrichment, and response. Drive XDR‑led detection strategies, unifying telemetry across EDR, NDR, SIEM, identity, cloud, and SaaS platforms into a coherent and prioritized threat detection model. Oversee multi‑cloud and hybrid SOC architectures, integrating Azure, AWS, and on‑prem environments into centralized detection and response operations. Own security operations performance metrics, including MTTD, MTTR, dwell time, alert fidelity, and automation coverage, using these KPIs to drive continuous improvement and executive‑level reporting. Establish fusion across adjacent operational domains, including vulnerability management, identity security, data protection, and threat intelligence, reflecting how GPS programs are funded, governed, and measured. Oversee day‑to‑day SOC operations supporting classified (up to TS) and unclassified environments, including: Threat monitoring, alert triage, and escalation Incident containment, eradication, and recovery coordination Detection engineering, use‑case development, advanced analytics, and tuning across SIEM and XDR platforms Threat hunting and integration of cyber threat intelligence SIEM and SOAR runbook development and optimization Act as Incident Commander and executive escalation point for high‑severity cyber incidents, coordinating response with client leadership and government stakeholders. Integration of automated response and orchestration to reduce analyst burden and improve response consistency. Lead post‑incident reviews using MITRE ATT&CK and adversary‑informed defense techniques to measurably improve detection coverage and response effectiveness. Advise senior government stakeholders on SOC modernization roadmaps, translating operational metrics and detection outcomes into mission risk, compliance posture, and investment justification. Lead SOC assessments and maturity reviews using EY and industry frameworks (e.g., NIST CSF, NIST 800‑53, RMF, ISO 27001). Develop actionable roadmaps to mature clients’ SecOps capabilities across tooling, cleared workforce models, processes, and governance. Prepare and deliver client‑ready proposals, Statements of Work (SoWs), executive briefings, and classified or unclassified presentations as required. Ensure adherence to EY risk management, independence, and quality standards across all engagements. Oversee documentation of SOC procedures, incident records, and governance artifacts to support audits, inspections, and regulatory reviews. Support clients in aligning security operations with public sector mandates and regulations (e.g., FISMA, FedRAMP, CMMC, NIST, Zero Trust). Lead business development efforts for Security Operations, SOC transformation, and managed detection and response engagements across GPS clients. Originate opportunities by building trusted relationships with senior government stakeholders and identifying mission‑driven and regulatory cybersecurity needs. Own and lead end‑to‑end pursuits, including: Opportunity shaping and qualification Solution architecture and cleared delivery model design Pricing, margin management, and risk review RFP/RFI responses, orals, and executive negotiations Serve as the primary relationship lead for assigned accounts, driving account planning, pipeline development, and sustained revenue growth. Lead, mentor, and develop multidisciplinary teams of analysts, engineers, and consultants. Foster an inclusive, collaborative culture aligned with EY values and public service mission outcomes. To qualify for the role you must have Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field; Master’s degree preferred. Typically 8–12+ years of cybersecurity experience, including 4–5+ years in SOC or incident response leadership roles. Must be comfortable working in‑person as needed. Must be able to obtain/maintain a secret level clearance. Experience leading large, complex cybersecurity engagements in consulting or managed services environments. Demonstrated experience supporting government or highly regulated clients. Professional Certifications (highly desirable): 2 or more of: GIAC Security Expert (GSE) preferred or other SANS GIAC certifications
CISSP, CISM, CISA, CRISC
ITIL Foundation or higher Cloud and modern security certifications are an advantage: CCSP, Microsoft SC 200/SC 100, Azure Security Engineer AWS Security Specialty, Google Professional Cloud Security Engineer Due to the nature of our work in the Government and Public Sector, work may be required to be completed at client, EY and/or contractor sites. Our goal is to assign professionals to projects within a commutable distance of their work location office. In certain circumstances, travel may be required beyond your work location based on client and project needs. Candidates should be willing to travel 20 – 30% or more. Ideally, you’ll also have Proven ability to lead client engagements end‑to‑end while owning pipeline and revenue growth. Strong commercial acumen, including pricing, margin management, and risk governance. Executive‑level communication, stakeholder management, and negotiation skills. Ability to operate calmly and decisively during high‑pressure cyber incidents. Deep understanding of SOC operations (Tier 1–3), incident response lifecycle, and threat hunting. Demonstrated ability to make senior‑level technical decisions across detection engineering, incident response, and adversary tradecraft in complex government environments. An active U.S. security clearance is required due to the nature of government client work. Top Secret (TS) clearance is highly preferred. What We Offer You Comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $170,600 to $390,000. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $204,800 to $443,200. Individual salaries within those ranges are determined through a variety of factors including, but not limited to, education, experience, knowledge, skills and geography. Medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Hybrid work model with expectation to work in person 40‑60% of the time over the course of an engagement, project or year. Flexible vacation policy allowing you to decide how much vacation time you need based on your personal circumstances, with time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your well‑being. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please contact EY Talent Shared Services Team as indicated in the company resources. #J-18808-Ljbffr EY- EY in McLean, VA seeks a Senior Manager to lead Security Operations, Threat Detection and Response for Government & Public Sector. You will guide strategy, design, and operation of mission-critical SOCs for federal, state, and education clients, including TS-level environments...OperationsSenior
- Terrestris Global Solutions in Washington, DC is seeking a Senior Security Operations Analyst to monitor and respond to cybersecurity threats. The candidate will analyze security events, manage incident response, and support the National Indian Gaming Commission's cybersecurity...OperationsSenior
$100k - $120k
...private‑ and public‑sector clients... ...this position: Sr. Cybersecurity Incident Response Specialist Location... .... Develop operational baselines... ...Prepare and manage playbooks... ...800‑61 and Government guidance. Follow... ...to augment detection of network... ...understanding of threat actor TTPs,...OperationsSeniorFull timeContract workWork at officeLocal area$132.5k - $338.3k
...an experienced Threat Informed Defense Senior Manager to an already outstanding... ..., protect, detect, respond to,... ..., hunting, and response across... ...intelligence programs, govern analytic and... ...hunting, or security operations, with... ...computer science, cybersecurity, data engineering...OperationsSeniorWork experience placementLive inWork at officeLocal area$130k - $170k
ActioNet, Inc. is seeking a Tier 3 Cybersecurity Analyst in Rockville, MD. This... ...technical position focuses on advanced threat detection, incident response, and forensic analysis within a... ...integrating threat intelligence into operations. The salary range is $130k-$170k....OperationsSenior- ...seeking a Senior Incident Response Analyst to join our Security Operations Center. This hybrid position... ...will involve monitoring, detecting, and responding to cybersecurity threats affecting a large-scale... ...especially within mission-critical government programs. Qualified...OperationsSenior
- ...(TDI) is a cybersecurity firm built for... ...effectively manage risk & the... ...Senior Incident Response Analyst to... ...-critical government program. As... ...the Security Operations Center, you... ...help monitor, detect, investigate... ...cybersecurity threats affecting a... ...to obtain Public Trust clearance...OperationsSenior
$161.9k - $218.6k
..., we're seeking a Sr. Product Marketing Manager (PMM) who can shape... ...future of cloud cybersecurity. As the world's leading... ...domains - from threat detection and network... ...for you. Key job responsibilities * Partner with product... ...cybersecurity, security operations, networking,...OperationsSeniorLocal areaFlexible hours- ...processing, triage, threat analysis, and response to cyber... ...Systems (ICS), Operational technology (OT),... ...infrastructure sectors. Practical experience... ...currently hiring Sr Industrial... ...procedures (TTPs) for detecting and responding... ...findings for senior US government intelligence and...OperationsSeniorCurrently hiring
$229.9k - $262.4k
...Product Senior Manager, Endpoint... ...days ago. Full responsibilities, required... ...game-changing cybersecurity solutions based on threat, data, and... ...engineering and operations partners,... ...-driven detection and response... ...allowlisting or device governance.* Strong... ...262,400 for Sr Manager,...OperationsSeniorFull timePart timeH1bLocal area- ..., protect, detect, respond, and... ...lifecycle. Cybersecurity challenges... ...security operations center, we... ...the security sector’s brightest... ...security, and managed service... ...systems secure, governed, and... ...detection systems, threat models, and... .... Key Responsibilities Lead AI...OperationsSeniorWork experience placementLive inWork at officeLocal area
$100k - $120k
...SkyePoint Decisions is a leading Cybersecurity Architecture and... ...Critical Infrastructure and Operations, and Applications... ...challenges faced by our federal government clients. Our focus is on... ...Decisions is seeking a Incident Detection/Response Manager (SOC Manager) to join our...OperationsContract workRemote workShift work$150k - $201.6k
...Security Engineer, Threat Response . This position... ...our Security Operations Center (SOC), incident... ...activities to detect unknown and... ...Work with other cybersecurity teams to improve... ...solutions for four sectors: Technology &... ...of the date of publication and may be modified...OperationsSeniorTemporary workRemote workFlexible hours$125.3k - $233k
...next‑generation detection and... ...adversaries and manage massive data scales... ...knowledge of threat modeling with... ...for automated response. Design interfaces... ...security, and governance strategies for... ..., and operating AI/ML models while... ...Knowledge of cybersecurity operations, detection...OperationsSeniorLocal area$109k - $124.4k
...Associate, Cyber Governance & Risk -... ...tough cybersecurity problems in... ...development and IT operations, and have... ...and detection tools, data... ...configuration management. You are familiar... ...to a team responsible for... ...vulnerabilities, threats, controls,... ...24,400 for Sr. Assoc,...OperationsSeniorFull timePart timeH1bLocal area$70 - $85 per hour
...highly skilled Network Detection & Response (NDR) Architect to... ...This role is ideal for a cybersecurity professional who excels in threat detection, network architecture... ...teams. Ensure NDR operations meet compliance... ...supporting audits and governance. Technical Expertise...OperationsContract work$104.8k - $192.2k
...working world. Government and Public Sector – Cybersecurity – Penetration... ...professional standards, operational know-how from... ..., delivering and managing engagements to assess... .... Your key responsibilities Our... ...identify potential threats and vulnerabilities...OperationsSeniorFor contractorsSummer holidayWork at officeLocal areaFlexible hours$170.7k - $190.8k
Senior Manager, Security Operations (Hybrid) Senior Manager... ...Operations, is responsible for ensuring the... ...effectively to threats, and mature... ...monitoring, threat detection, vulnerability... ...core security governance activities while... ...Provide strategic cybersecurity guidance and...OperationsSeniorWork at officeRemote workFlexible hours- ...Sr. Channel Account Manager Shape the future of cybersecurity at Forescout. Every day cyberattacks... ...organizations, government agencies, and... ..., and mitigate threats. From power... ...50% travel. Responsibilities include the following... ...on strategy, operations, and go to...OperationsSeniorWorldwide
- ActioNet is seeking a Tier 3 Cybersecurity Analyst in Rockville, MD to lead advanced incident detection and response within the SOC. The role focuses on threat hunting, forensic analysis, and integrating... ...sophisticated threats impacting government systems. The incumbent will...Senior
$170.6k - $390k
...Join EY’s Cybersecurity consulting practice... ...leader responsible for designing,... ...implementing, and governing secure network... ...and security operations teams. Join... ...team as a Senior Manager in... ...against a myriad of threats while leading... ...transactions. Fueled by sector insights, a...OperationsSeniorSummer holidayRemote workFlexible hours- ...modernization and elite cybersecurity solutions. We... ...an evolving threat environment.... ...for a Public Trust clearance... ...Senior IT Project Manager -... ...project manager responsible for directing... ...cybersecurity governance, risk, and compliance... ...cybersecurity operations and seamless handoffs...OperationsSeniorContract workFor subcontractorWork at office
- A premier cybersecurity firm in Arlington, VA is seeking a Cyber Network Defense Analyst. The role involves monitoring network activity, analyzing threats, and coordinating with cyber defense teams. Candidates should have 8+ years of cyber defense analysis experience and...Senior
$132.5k - $338.3k
...prepare, protect, detect, respond and... ...lifecycle. Cybersecurity challenges... ...entire security operations center, we... ...the security sector’s brightest people... ...security and managed service... ...the following responsibilities: Provides solutions... ...security governance (security...OperationsSeniorWork experience placementLive inWork at officeLocal area- ...JPMorganChase within the Cybersecurity & Technology Controls Incident Management & Response team, you will serve... ...Center and Security Operations Center, providing 24/... ...against evolving threats. If you are passionate... ...corporate, institutional and government clients under the J.P...Operations
$150k
...Technology services to government clients in support of critical... ...of Infrastructure Operations, Application Development, Cybersecurity, Virtualization, Cloud... ...a Senior Capture Manager to join our team in supporting... ...Manager will be responsible for managing the full capture...OperationsSeniorContract workTemporary workFor subcontractorLocal areaRelocation package- ...professional to oversee fraud detection and risk operations for a large federal... ...Director of Program Management, this role is responsible for oversight, monitoring... ..., local, and private sector counterparts to understand... ...in a health plan, government agency, or large healthcare...OperationsSeniorContract workWork at officeLocal areaFlexible hours
- ...thrives here. Responsibilities Lead incident response... ...all observed threats and document all... ...& system operations to ensure effective... ...Act as incident manager for all declared... ...education 8+ years of cybersecurity investigation... ...EDR tools for detection and response It...OperationsSeniorFlexible hours
- ...You will be responsible for building... ...centers and public cloud environments... ...proactive threat detection. Duties and... ...Engineering: Build and manage secure... .../ML Security Governance (Adversarial... ...of Security Operations: Drive the... ...a technical Cybersecurity Engineering role...OperationsSeniorPermanent employmentCasual work
- ...Trust Architect to design and implement cybersecurity solutions for the U.S. Government. The role requires extensive experience in IT operations and cybersecurity, particularly in Zero Trust methodologies. Key responsibilities include developing roadmaps, coordinating...OperationsSenior
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Government and Public Sector - Cybersecurity - Operations and Threat Detection Response - Sr Manager. Be the first to apply!


