Security Operations Center Program Manager

About PUNCH:

We're problem solvers first & foremost. PUNCH's origin story involves frustration with available INFOSEC tools and techniques—we came up thru the industry using these inefficient tools and decided there had to be a better way. We bring this laser focus on efficiency to every customer engagement.

We have trust as a hallmark in everything we do. PUNCH provides its team members with the maximum amount of ownership over their careers, the direction of the company, and the flexibility & freedom to accomplish their job without interference. Trust requires accountability; we live that, company-wide.

We back each other up. PUNCH is a supportive place to work. We've worked hard to create an environment that makes people better, encourages teamwork, and rewards a “pitch in” mentality.

We give back. To those in need. To the community. To the industry.

Does this sound like you?

Role Overview:

PUNCH is seeking a seasoned SOC Manager to lead a large-scale, 24/7 Security Operations Center (SOC) in support of a large U.S. Government agency. The SOC includes two major functional units—an operational team (monitoring, detection, and incident response) and a threat analysis team (hunting, malware analysis, intelligence integration).  You must possess a SECRET security clearance.  

This leadership role is ideal for someone who has operated at scale - running SOCs in complex hybrid (on-prem/cloud) environments—and who understands the tactical, strategic, and organizational levers of effective cyber defense. The ideal candidate is a builder, mentor, and communicator who thrives in high-tempo mission spaces and can manage teams across shifts and specializations.

Responsibilities:

 - Manage the full operational lifecycle of a 24/7 SOC supporting a critical federal mission

 - Lead subordinate managers and analysts across SOC Operations and Threat Hunt/Analysis teams

 - Drive strategy, staffing, workflow optimization, and process improvement within the SOC

 - Oversee incident response activities in alignment with all five functions of the NIST Cybersecurity Framework 

- Maintain readiness for hybrid environments (on-premises and cloud infrastructure)

 - Coordinate escalations, shift transitions, and analytic coverage across rotating teams

 - Communicate with senior government leadership, external mission partners, and internal stakeholders

 - Implement and track performance metrics aligned to mission impact and SOC maturity

 - Identify risks, gaps, and opportunities for automation, upskilling, and tooling improvements

 - Ensure compliance with Treasury security policies and federal standards

Required Qualifications:- Bachelor's degree (or 3 additional years of experience in lieu of degree)

- 10+ years of SOC management experience, including 5+ years managing hybrid (on-prem/cloud) SOCs

 - 10+ years of experience in incident response across enterprise-scale environments (50,000+ endpoints)

 - Deep familiarity with NIST Cybersecurity Framework and federal incident response protocols

  - Demonstrated success influencing practices and communicating with senior stakeholders

 - Experience leading large, distributed teams in a mission-critical setting

Preferred:

 - Experience supporting Department of Treasury or other federal financial agencies

 - Familiarity with SIEM, SOAR, EDR, and threat intel platforms

 - Active certification such as CISSP, CISM, or GIAC