Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Cyber Security SOC Manager

Gdit

Public Trust: Other
Requisition Type: Regular
Your Impact

Own your opportunity to support the missions that matter. From working with technologies like AI, cyber and cloud to careers in intelligence and health, we offer endless opportunities to apply your expertise to create a safer, smarter world while building new skills to propel your career forward.

Job Description

As the Cyber Security SOC Manager supporting VITA, this leader is the technical driver of the SOC's day-to-day operations and detection posture — architecting how the operation detects, responds, and improves, and keeping a finger on the pulse of the industry to know which tools and practices to integrate, replace, or retire.

This role partners with the Operations Manager on the SOC's broader strategic direction; the SOC Manager brings the technical and architectural point of view to that partnership rather than setting strategy unilaterally. They lead the Tier I–III analyst team and are accountable for team performance, shift coverage, analyst development, and SLA compliance. They partner with an embedded SOC Analyst, Tier III, as their senior execution arm, building against the standards and architecture the SOC Manager defines.

Deep hands-on command of Splunk is required, with strong working knowledge of Tenable and CrowdStrike used to design the SOC's detection pipeline, data model, and automation fabric. The SOC Manager is the senior escalation point for complex incidents and a credible customer interface — customer-facing, but grounded in technical authority rather than sales. Above all, this role drives measurable improvement: better performance, better reporting, fewer errors, lower cost where possible, and a more secure environment.

SOC Operations & Incident Response

  • Serve as senior escalation authority for complex, high-severity incidents; oversee containment and remediation, and ensure documentation and customer communication throughout the incident lifecycle.
  • Provide expertise with IOCs, TTPs, threat hunting, and threat intelligence; own customer-facing escalation and remediation.
  • Ensure the team recognizes intrusion attempts and triages, prioritizes, and escalates incidents per established runbooks.
  • Ensure detection of the full spectrum of known attacks (DDoS, malware, phishing, ransomware, and others) and correlation of events across capabilities.
  • Ensure malware analysis is reviewed and correlated across incidents, and that malicious activity is documented and reported with clear remediation recommendations.


Splunk & Detection — Manager Directs, Tier III Executes

  • Set the standards, priorities, and design for Splunk dashboards, reports, correlation searches, and alert actions that give analysts and leadership visibility into threat activity, SOC performance, and incident trends — the SOC Analyst, Tier III executes the build and maintenance.
  • Direct automated detection and correlation content that reduces analyst workload, cuts false positives, and speeds response to high-priority threats.
  • Oversee SPL searches, scheduled reports, and lookup-driven workflows; guide scripting (Python, PowerShell) that extends Splunk and supports automation.
  • Retain hands-on fluency in Splunk and CyberArk sufficient to direct the work credibly, validate quality, and step in when needed.

Detection Tuning & Compliance Alignment

  • Align detections and logging with frameworks and controls: NIST 800-53, NIST CSF, PCI DSS, HIPAA, and SOX as applicable to the customer environment.
  • Set the tuning strategy for use cases, correlation rules, and alert logic to raise fidelity and reduce noise across the SOC; the Tier III analyst implements the changes.

Automation & Scripting

  • Working knowledge of scripting (Python, PowerShell, or Bash) for automation, log parsing, and workflow integration — able to read and modify scripts to direct SOC automation.
  • Champion automation that cuts manual analyst burden, improves detection fidelity, and accelerates response, directing the Tier III analyst on implementation.

Team Leadership & SOC Management

  • Lead, supervise, and develop the Tier I–III team; manage shift scheduling, performance expectations, and career development — using the SOC Analyst, Tier III as the senior execution arm for the Manager's technical vision.
  • Own SOC SLA compliance and performance reporting; deliver operational metrics, trend analysis, and executive briefings to program leadership and the customer.
  • Serve as the primary customer interface; manage expectations, communicate incident status, and build trusted relationships with VITA stakeholders.
  • Drive continuous improvement across processes, runbooks, and playbooks; run post-incident retrospectives and apply lessons learned.

SOC Architecture & Continuous Improvement

  • Keep a finger on the pulse of the industry — continuously assess tools, platforms, and techniques for technical fit, and recommend what to integrate, replace, or retire across the detection and response stack.
  • Define the target-state SOC architecture — detection pipeline, data model, and automation fabric — and set the engineering standards the Tier III analyst executes against.
  • Partner with the Operations Manager on SOC strategy, contributing the technical and architectural perspective to shared strategic decisions rather than setting direction unilaterally.
  • Drive improvement by design: higher detection fidelity and performance, cleaner reporting, fewer manual errors, lower tooling and compute cost, and a stronger security posture.
  • Evaluate and prototype new capabilities before production; make build-vs-buy and integrate-vs-replace calls grounded in hands-on assessment.
  • Raise the team's engineering bar, mentoring analysts toward detection-engineering practices with the Tier III analyst as senior builder.


Required Qualifications

  • Education: BA/BS or equivalent
  • Experience: 5+ years of experience required in cybersecurity operations, including demonstrated supervisory or team-lead experience in a SOC environment. 8+ years of experience strongly preferred .
  • Splunk: Advanced SPL, dashboard development, automated alerting, and correlation-search creation in an operational SOC.
  • Tenable and CrowdStrike: Native data experience and interpretation skills, correlation with other data, and understanding of the integration with Splunk data and dashboards.
  • Must possess or be able to obtain within six months of start two of the following certifications to meet DoD 8140/DCWF CSSP Analyst requirements: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+.

Security Clearance Level: Must be able to pass a background check to obtain a position of Public Trust.

Location: On-site at GDIT's Integrated Technology Center in Bossier City, LA.


GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.


● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: Full-flex work week to own your priorities at work and at home
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in cyber at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your focus on defending and protecting what matters.

#GDITLA 

Work Requirements

Years of Experience

5 + years of related experience

* may vary based on technical training, certification(s), or degree

Certification

Certified CyberSec First Responder (CFR) | CertNexus - CertNexus

Certified Ethical Hacker (CEH) | EC-Council - EC-Council

CompTIA PenTest+ CE | CompTIA - CompTIA

Cisco Certified Network Professional (CCNP) Security | Cisco - Cisco

CompTIA Cybersecurity Analyst+ CE (CySA+) | CompTIA - CompTIA

Travel Required

Less than 10%

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Cyber Security SOC Manager in Bossier City, LA vacancy
  • $200k - $275k

     ...Chief Information Security Officer Are you looking for limitless career opportunities with...  ...teamwork? At Ntiva, we're more than a Managed Services Provider, we're a community dedicated...  ...risk and compliance, through our SOC and incident response capability, to client... 
    Suggested
    Contract work
    For contractors
    Remote work
    Work from home
    Shift work

    Ntiva

    Shreveport, LA
    1 day ago
  • $105.79k - $141.05k

     ...network and connected ecosystem. We enable secure, high‑performance connectivity across...  ...and as an experienced member of a team to manage the execution of multiple security controls...  ...testing of CMMC audits, SSAE 16, AT-101 (SOC 1 / SOC 2), PCI, ISO, HIPAA, Privacy, NACHA... 
    Suggested
    Full time
    Temporary work
    Remote work

    Lumen

    Shreveport, LA
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Cyber Security SOC Manager. Be the first to apply!