Cyber Security Manager

  • Full-time

Company Description

Ridgeline was founded in 2015 by a group of people with more than half a century of combined experience contributing to U.S. National Security. We understand our clients’ unique missions and we deliver innovative solutions to their most difficult challenges, filling critical technical gaps across the U.S. Government and business worlds. At Ridgeline, our capabilities extend from the classroom, where we provide the tools and training needed to work and communicate securely, to our engineered systems of specialized hardware and software that address critical security issues, and into Research and Development, where we dream, design, and build solutions to the threats of tomorrow. We iterate and deliver quickly – in the course of weeks or months, not years – and we’ve trained more than 1,000 people, deployed to over 50 countries, and managed systems with more than 2,000 end users.

Job Description

The Security Operations Center (SOC) Manager will support the incident detection and response program at Ridgeline. This role leads and further develops a team of analysts who perform security monitoring for threats, as well as the tools and processes that support the core mission of defending the company from cyber threats.

What you will do:

As the SOC Manager, you lead the security monitoring and response of multiple network enclaves, collaborate closely with the DevOps and Engineering teams to ensure security operations are incorporated throughout the SDLC, and maintain a culture of technical excellence, continuous growth, and ownership of the company’s cyber security.


  • Manage the daily operations and effectiveness of the SOC
  • Develop staff of varying skill levels in cybersecurity competencies
  • Maintain situational awareness of enterprise systems security
  • Enhance SOC effectiveness through development and refinement of dashboards, visualizations, data sources, signatures, and alerts
  • Detect, investigate, and respond to threats
  • Keep the team apprised of current advanced persistent threats, i.e., the TTPs of attackers, and keep the team up to date on indicators of compromise
  • Participate in the development and tracking of key performance indicators (KPIs) related to SOC operations, to benchmark and further enhance capabilities
  • Participate in internal assessments and tabletop exercises, and other activities that contribute to operational readiness
  • Manage SOC support to incident response
  • Communicate security topics to non-technical audiences via written and verbal means
  • Develop ways to automate SOC procedures and processes as feasible


What you will accomplish in the first six months:

  • Conduct a review of the Security Infrastructure and Architecture including sensors, security appliances, and data collection and log aggregation
  • Participate in a revamp of the company incident response plan and develop a Cyber Incident Response scenario, e.g., tabletop exercise, for the SOC encompassing true security incidents and false alarms
  • Deliver a proposal to start a Cyber Threat Hunting Initiative within the company
  • Measure and report key performance indicators (KPIs) that demonstrate how the SOC is performing and submit recommendations for improved performance

Qualifications

Must-haves: 

  • Ability to obtain and maintain a Secret security clearance
  • Bachelor’s Degree in Cyber Security, Computer Science, or a related field, or comparable relevant experience
  • Strong IT skills, including knowledge of hardware, software, and networks
  • Demonstrated success in information systems, cyber security, information assurance, or a related field
  • Experience developing Splunk queries and dashboards
  • Background in or knowledge of network or media forensic investigative techniques
  • Background in or knowledge of detecting, assessing, and remediating cyber security threats/incidents
  • Scripting skills in Python or a similar interpreted language
  • Self-starter who can work independently and as part of a team
  • Desire to self-educate on the ever-changing landscape of detection, exploitation, and remediation techniques

Nice-to-haves:

  • Top Secret Clearance is preferred
  • At least one of the following certifications is highly preferred: GCDA, GCED, GMON, GCIA, GCFA, GCIH, CRISC, CISA, CCSP, CHFI, CCNA Security
  • Experience with Cisco devices is preferred
  • Experience with Distributed Deployments of Splunk is preferred
  • Experience with Fortinet devices is preferred
  • Experience with Cloud-based hosting solutions is preferred
  • Experience with Containerization solutions is preferred

Additional Information

Here are some Perks of being a Ridgeliner!

  • Flexible and remote work schedules
  • Flexible PTO + holidays
  • 10% 401K contribution/match
  • $2,000 annual tech/clothing allowance
  • $2,500 annual training/hobby allowance
  • Medical, dental, vision, disability, life insurances
  • Professional coaching services
  • Get the technology you want to do your job
  • We have free daily snacks & drinks

Ridgeline International is committed to providing equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.