Description

Clearwaters.IT is seeking an experienced Senior SOC Chief to support a program within the Department of Commerce (DOC). This role oversees the Security Operations Center (SOC), ensuring the coordination, execution, and efficiency of incident response activities. The Senior SOC Chief is responsible for managing project tracking schedules, maintaining risk registers, and mitigating risks and issues associated with SOC and incident response activities, and ensures that all deliverables are timely, accurate, and of the highest quality.

This position is on-site in Washington, D.C. The position is contingent on contract award.

The SOC Chief will lead the 24x7x365 Security Operations Center, overseeing all aspects of cybersecurity monitoring, detection, incident response, and reporting in accordance with federal regulations, policies, and guidelines to ensure continuous protection of agency IT systems and assets, while maintaining compliance with NIST, DOC, and other federal cybersecurity directives.

- Lead, manage, and coordinate 24x7x365 SOC operations, ensuring proactive and real-time cybersecurity monitoring, detection, analysis, and incident response.
- Be on call before and after normal hours of operation, including weekends and holidays.
- Oversee investigation of alerts received through automated tools, user reports, and external notifications to identify potential threats and vulnerabilities.
- Serve as the primary Incident Commander for all cybersecurity incidents, ensuring effective response and mitigation strategies.
- Direct the triage, initial analysis, and root cause determination of cybersecurity incidents, including appropriate response and recovery actions to minimize harm.
- Ensure compliance with federal cybersecurity laws, NIST SP 800-61, Federal Incident Notification Guidelines, and DOC reporting requirements.
- Manage all tier-level support operations:
  - Tier 1: basic alert monitoring and logging
  - Tier 2: in-depth analysis and correlation of events
  - Tier 3: advanced threat response and threat hunting
- Supervise the Tier 3 Lead in developing staff schedules aligned with DOC operational metrics and coverage requirements.
- Review and ensure the accuracy and completeness of shift logs, incident reports, SOC Activity Trackers, operational status updates, and internal/external IR metrics and reports.
- Develop, manage, and continuously update a Cyber Defense Playbook that includes attack vectors, response scenarios, and visual diagrams aligned with NIST SP 800-61.
- Create and maintain the SOC Communication Plan, including an accurate call tree, ensuring all updates are completed within 24 hours of change notification.
- Collaborate closely with other DOC Enterprise SOCs and federal partners to enhance incident response coordination and overall cyber defense posture.
- Provide executive reporting and briefings on SOC activities, threat trends, and operational effectiveness.
- Perform project tracking, schedule management, risk register maintenance, and the development of risk and issue mitigation strategies for SOC operations and incident response.
- Ensure the timeliness and quality of deliverables so that all information and data are accurate and complete.
- Lead information security gap analysis reviews and perform administrative functions such as reviewing performance and operations to ensure appropriate performance.
- Ensure effective coordination, collaboration, and communication with ESOC and OCOS federal personnel.
- Lead, mentor, and develop the SOC team, ensuring staff are well trained, prepared for incident response, and capable of handling evolving cyber threats.
- Stay informed about emerging cybersecurity threats, technologies, and best practices to ensure the department's SOC remains current and effective.

Requirements

- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field (required).
- Minimum of 7 years of experience in cybersecurity or a relevant field (required).
- Certified Information Systems Security Professional (CISSP) or other relevant cybersecurity certifications (e.g., CISM, CISA, Security+) (required).
- Incident Command certifications or equivalent advanced cybersecurity certifications (preferred).
- Active TS/SCI clearance (required).
- U.S. citizenship (required).
- Proven experience in handling complex cybersecurity incidents and leading a team in a SOC environment.
- Demonstrated experience in project management, including scheduling, risk management, and delivering high-quality security operations and incident response activities.
- In-depth knowledge of cybersecurity frameworks and standards, such as NIST, FISMA, and ISO 27001.
- Strong understanding of SOC operations, including network security, threat detection, incident response, and vulnerability management.
- Experience with SIEM platforms, intrusion detection systems (IDS), firewalls, and endpoint protection technologies.
- Familiarity with risk management frameworks and the ability to develop and implement effective risk mitigation strategies.
- Excellent communication, leadership, and coordination skills, with the ability to lead cross-functional teams under pressure.
- Experience in preparing documentation, playbooks, metrics, and communication plans to support SOC operations.

Benefits

Competitive salary and benefits package, including:
- Health, dental, and vision insurance
- 401(k) with company match
- Paid time off (PTO) for vacation, sick leave, and personal days
- Professional development reimbursement
- Other benefits, including life insurance, disability insurance, and employee assistance programs
Date Posted: 13 May 2025