Program Manager, Security Operation Center SME - Military veterans preferred

ManTech (


  full-time   employee

District of Columbia
United States

Secure our Nation, Ignite your Future

Become an integral part of a diverse team while working at an Industry Leading Organization, where our employees come first.  At ManTech International Corporation, you’ll help protect our national security while working on innovative projects that offer opportunities for advancement.

Currently, ManTech is seeking a motivated, career and customer-oriented Program Manager/SOC SME to join our Cybersecurity team supporting a dynamic federal customer in the Washington DC area.

Responsibilities include, but are not limited to:

  • Managing large, complex cybersecurity engineering projects, ensuring that the technical solutions and schedules are implemented on time and within cost.

  • Serving as the interface between the Program, customers, and contracting representatives.

  • Coordinating within and across organizational cybersecurity discipline on investigative tasks, analysis, reporting, resource requirements, task suspense, remediating actions, etc.

  • Monitoring customer satisfaction which includes interaction with internal and external customers.

  • Collaborating with agency infrastructure engineering to ensure successful implementation, maintenance, and operation of cybersecurity appliances.

  • Supporting agency leadership by making recommendations and supporting initiatives to reduce project costs and enhance customer the customer cybersecurity framework (automation, equipment, tools, technology, process, training, etc.).

  • Review and update Incident Response Plans, policies, SOPs, IR Playbooks, Knowledge articles, and other operational documentation.

  • Attending customer meetings and providing detailed minutes as required.

  • Meeting contractual performance criteria and due dates and managing successful overall project completion.

  • Making independent decisions within the scope of the contract to include personnel schedule, work to be accomplished, and expected deliverables.

  • Coaching, mentoring and evaluating the performance of assigned contract personnel.

  • Reporting the current cybersecurity posture to the agency Director of Cybersecurity Services and Chief Information Security Officer 

  • Providing written status reports as required.

  • Flexibility to support 24x7x365 SOC operations during an incident response emergency, if needed.

  • Responsible for ensuring the team is monitoring intrusion detection and prevention systems and other security event data sources collected on a 24x7x365 basis.  Determine if critical cybersecurity events identified need to be escalated to leadership or reported to external partners.

  • Ability to problem-solve, ask questions, and discover why things are happening during intrusion monitoring.

  • Possess the cybersecurity knowledge to correlate data from intrusion detection and prevention systems with data from other sources such as firewalls, web servers, Syslogs and provide remediating guidance as a Subject Matter Expert.

  • Review and approved procedures and playbooks for handling security events detected during SOC operations.

  • Coordinate with the cybersecurity engineering team to ensure production SOC systems are operational.

  • Provide guidance for tuning and filtering events and information, creating custom views and content using all available tools following an approved methodology and with approval of concurrence from senior management.

  • Track and update “Case Management" processes for incident and resolution tracking. The procedures should also be used for the historical recording of all anomalous or suspicious activity.  

  • Significant knowledge of how to identify misuse, malware, or unauthorized activity on monitored networks. Report the activity appropriately as determined by agency Management.

  • CONUS travel may be required between customer sites, <7 days yearly (Est).

Basic Qualifications:

  • Experience serving as a program or project manager leading and supervising a multi-disciplinary IT or cybersecurity staff of various knowledge levels.

  • Demonstrated experience in a leadership role with responsibility for managing personnel, tasks, and interaction with all levels of customers.

  • Bachelor’s Degree in cybersecurity, computer engineering, computer science, or other closely related IT discipline.  Five years of operational cybersecurity will be considered in lieu of a Degree.

  • Strong analytical and problem-solving skills.

  • Good interpersonal, organizational, writing, communications, and briefing skills.

Preferred Qualifications:

  • PMP®, ITIL® v3 Foundation, or equivalent project management certification.

  • SANS GCIA, ISC2 CISSP, CEH, or other cybersecurity certifications.

  • Experience with BMC Remedy and/or Splunk Enterprise Security.

  • Familiarity with Microsoft Azure Sentinel and Microsoft Defender Tool Suite

  • Experience managing projects in Microsoft Excel or Microsoft Project.

  • Knowledge of Endpoint Detection & Response Solutions.

Security Clearance Requirements: Applicants must be a US Citizen and must possess an active TS/SCI with eligibility to obtain CI Polygraph.

Physical Requirements:

  • Sedentary work that primarily involves sitting/standing/walking/Talking and must be able to remain in a stationary position 50%.

  • ?Moving about to accomplish tasks or moving from one work site to another.

  • Constantly positions self to maintain computers in the lab, including under the desks and in the server closet.

  • Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine and computer printer.

  • Must be able to detect, Determine, Perceive, Identify, Recognize, Judge, Observe, Inspect, Estimate, & Assess.

  • The person in this position frequently communicates with co-workers, management and customers, which may involve delivering presentations. Must be able to exchange accurate information in these situations.

  • Working with computers.

For all positions requiring access to technology/software source code that is subject to export control laws, employment with the company is contingent on either verifying U.S.-person status or obtaining any necessary license. The applicant will be required to answer certain questions for export control purposes, and that information will be reviewed by compliance personnel to ensure compliance with federal law. ManTech may choose not to apply for a license for such individuals whose access to export-controlled technology or software source code may require authorization and may decline to proceed with an applicant on that basis alone.

ManTech International Corporation, as well as its subsidiaries proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.

If you require a reasonable accommodation to apply for a position with ManTech through its online applicant system, please contact ManTech's Corporate EEO Department at (703) 218-6000. ManTech is an affirmative action/equal opportunity employer - minorities, females, disabled and protected veterans are urged to apply. ManTech's utilization of any external recruitment or job placement agency is predicated upon its full compliance with our equal opportunity/affirmative action policies. ManTech does not accept resumes from unsolicited recruiting firms. We pay no fees for unsolicited services.

If you are a qualified individual with a disability or a disabled veteran, you have the right to request an accommodation if you are unable or limited in your ability to use or access as a result of your disability. To request an accommodation please click and provide your name and contact information.