Security Operations Center Director

The Department of Information Technology (DoIT) provides support to state agencies, the Executive Office of the Governor, the Governor’s coordinating offices, and a variety of independent agencies within the Executive Branch. Striving to provide the highest level of customer service to its internal and external customers, DoIT supports Maryland’s agencies and commissions through its leadership and strategic direction for Information Technology and Telecommunications, establishing a long range, target.

This position provides leadership for the Maryland Security Operations Center (MD-SOC), responsible for delivering cybersecurity monitoring and incident response services to state and local government entities. The Director oversees a team of SOC analysts and a SOC manager, ensuring the effective customer service, communications, and monitoring of MD-SOC client environments for the detection, analysis, and response of cybersecurity events and alerts.

Working under the managerial supervision of the Sr. Director of State Cyber Resilience, this position is critical to achieving the states mission of securing its digital assets through the security monitoring and incident response of the MD-SOC, in accordance with the mandates outlined in State Finance and Procurement §3.5–2A–02 et seq.

***This is a management service position which serves at the pleasure of the appointing authority***

Maryland Security Operations Center Management: Directs the MD-SOC, overseeing the team of SOC analysts and a SOC manager. Ensures the development and consistent application of effective technical monitoring, detection, analysis, and security incident remediation standards and playbooks. Assists in ensuring that MD-SOC operational capabilities and strategic vision remain aligned with statewide cybersecurity goals and standards, regulatory mandates, and client requirements for effective security monitoring and incident response services. 

Incident Command: Operates as Incident Commander or a senior leader under the direction of the Sr. Director of State Cyber Resilience operating as Incident Commander in the event of cybersecurity incidents. Directs and oversees tactical incident investigation and response activities. Directs and advice supporting business services and teams such as IT Operations as appropriate to execute effective incident response. 

Provides strategic advising to OSM, DoIT, and other State senior and executive leadership on the effective response to cybersecurity incidents. Assists in the development and delivery of regular incident response training and tabletop exercises for a variety of audiences. 

Strategic Planning and Senior Advisory: Serves as a principal advisor to the Sr. Director of State Cyber Resilience on the cost/benefit analysis of MD-SOC technical capabilities, services, and investments. Supports the statewide cybersecurity strategy and strategic planning process as related to the MD-SOC. 

Program and Resource Management: Manages all human resources for the MD-SOC.

Exercises full supervisory authority, including hiring, training, performance management, and disciplinary action for MD-SOC personnel. Recommends budgeting, staffing, and resource allocation for the MD-SOC to the Sr. Director of State Cyber Resilience. 

Other Duties as Assigned: Performs other related duties as assigned by the Sr. Director of State Cyber Resilience to support the strategic objectives of OSM.

Education: 

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. 

Experience: 

8 or more total years of professional experience in IT, cybersecurity, information assurance, or related roles.

6 or more of those years of professional experience must be in cybersecurity roles performing or overseeing Security Operations Center monitoring and analysis, incident response, digital forensics, cyber threat intelligence analysis, penetration testing, or equivalent responsibilities.

3 or more of those years of professional experience must include managing a Security Operations Center serving a multi-entity organization or diverse range of managed service clients.

2 or more of those years of professional experience must be in a leadership or supervisory role. 

Notes: 

An additional two (2) years of directly related cybersecurity experience, or completion of industry recognized cybersecurity certifications or training programs, may be substituted for the required bachelor’s degree.

Preferred qualifications:  

Experience leading one or more Security Operations Center(s) serving a multi-entity organization or diverse range of managed service clients through major modernization and automation, transformation, and developmental projects. 

Experience managing personnel, budget, and other organizational resources for one or more 

Security Operations Center(s) serving a multi-entity organization or diverse range of managed service clients. 

Experience leading multiple large scope and high-impact cybersecurity incident responses, including coordination across internal business units, federal and state law enforcement or other relevant entities, and executive and board-level organizational leadership. Incident response efforts should include navigating operational, technical, budgetary, legal, and communications domain challenges common to cybersecurity incidents. 

Experience developing and or managing technical workforce development programs, including strategies to provide pre-higher education graduation, early career, and career transition training and development opportunities to individuals.

The assessment may consist of a rating of your education, training, and experience related to the requirements of the position. It is important that you provide complete and accurate information on your application. Please report all experience and education that is related to this position.

STATE OF MARYLAND BENEFITS

Online applications are highly recommended. However, if you are unable to apply online, the paper application and supplemental questionnaire may be submitted to: Department of Budget and Management, Recruitment and Examination Division, 301 W. Preston St., Baltimore, MD 21201. Paper application materials must be received in our office by the closing date for the recruitment. No postmarks will be accepted.

For questions regarding this recruitment, please contact the DBM Recruitment and Examination Division at Application.Help@maryland.gov or 410-767-4850, MD TTY Relay Service 1-800-735-2258.

We thank our Veterans for their service to our country.

People with disabilities and bilingual candidates are encouraged to apply.

As an equal opportunity employer, Maryland is committed to recruitment, retaining and promoting employees who are reflective of the State's diversity.