SOC Lead

Join Peraton in advancing the safety, efficiency, and modernization of the National Airspace System (NAS) through the FAA’s Brand New Air Traffic Control System (BNATCS) contract. As a trusted partner to the Federal Aviation Administration, Peraton helps deliver the systems and services that keep our nation’s skies safe and connected.

We’re looking for innovative professionals who thrive in mission-critical environments and are passionate about shaping the future of air traffic management. This is your chance to make an impact on one of the world’s most vital transportation infrastructures, working alongside leaders in aviation, engineering, data science, and systems integration.

At Peraton, you won’t just support the mission — you’ll define it.

Join a team dedicated to protecting the safety and integrity of U.S. air travel. Peraton is seeking an experienced SOC Lead to lead and mature cybersecurity monitoring, detection, and incident response operations supporting programs aligned to the Federal Aviation Administration (FAA). This role is responsible for the strategic and operational management of the SOC, including workforce leadership, tool governance, incident response oversight, and continuous improvement of detection and response capabilities across the National Airspace System (NAS). The ideal candidate brings deep SOC leadership experience, strong knowledge of federal cybersecurity frameworks, and a proven ability to manage teams, processes, and technologies in a highly regulated, high-availability environment.

In this position, you will:

• Lead and manage SOC operations, including staffing models, shift coverage, and on-call rotations.

• Oversee incident response lifecycle (triage, containment, eradication, recovery) and serve as executive escalation authority.

• Supervise, mentor, and develop SOC Leads and Analysts; establish performance goals and training plans.

• Govern and optimize security monitoring tools (SIEM, EDR, IDS/IPS, SOAR, vulnerability scanners).

• Establish and maintain SOC policies, SOPs, runbooks, and playbooks aligned with federal standards.

• Drive threat intelligence integration, detection engineering, and threat hunting programs.

• Ensure accurate incident documentation, metrics, and reporting to leadership and FAA stakeholders.

• Coordinate with network, cloud, application, and engineering teams to remediate vulnerabilities and systemic risks.

• Manage vendor relationships, contracts, and tool roadmaps for SOC capabilities.

• Lead tabletop exercises, incident simulations, audits, and after-action reviews.

• Track and report KPIs/SLAs, trends, and continuous improvement initiatives.

• Support change management, tool onboarding, and security architecture enhancements.

• Ability to brief executive leadership and translate technical risk into business impact.

• Manage budgets, staffing plans, and operational metrics.

Why This Role Matters

The FAA’s mission to safely operate and modernize the NAS depends on uninterrupted, resilient cybersecurity operations. As SOC Lead, you ensure threats are detected early, incidents are managed effectively, and security operations scale to meet evolving risks. Your leadership directly safeguards mission-critical systems, supports operational continuity, and strengthens the FAA’s enterprise cyber defense posture.

Basic Qualifications:

• U.S. Citizenship Required.
• Must have the ability to obtain / maintain a Public Trust clearance. 
• 12 years of cybersecurity experience.
• Experience managing SOC or incident response teams.
• Proven leadership in incident response, security monitoring, and SOC operations.
• Hands-on knowledge of SIEM, EDR/XDR, SOAR, and threat intelligence platforms.
• Strong understanding of federal cybersecurity frameworks and reporting requirements.
• Excellent leadership, communication, and decision-making skills under pressure.
• In-depth knowledge of RMF, NIST 800-53, NIST 800-61, and incident reporting obligations.
• Strong analytical skills for correlating events across multiple data sources and environments.

Preferred Qualifications:

• Exposure to FAA programs or NAS systems.

• Experience supporting federal, aviation, or other regulated environments.

• Degree in Cybersecurity, Information Assurance, or Systems Engineering.

• Certifications such as CISSP, CISM, GCED, GCIA, or GCIH.

• Experience supporting FAA, DOT, or transportation/aviation systems.

• Familiarity with cloud security monitoring, Zero Trust architectures, and SOAR automation.

• Experience leading detection engineering or advanced threat hunting programs.

#BNATC

#BNATC