Lead daily SOC operations across shifts to ensure continuous monitoring and timely response to security events.
Coordinate shift handoffs and ensure accurate case documentation.
Provide real-time direction during active incidents, including prioritization, tasking, and escalation.
Maintain operational readiness (coverage, tooling availability, playbooks, and procedures).
Define, document, and enforce SOC operational standards (SLAs, response time targets, escalation criteria, and documentation quality).
Drive continuous improvement initiatives (use case tuning, reduction of false positives, workflow optimization).
Assist with onboarding, cross-training, and skills development plans for analysts.
Communicate incident status clearly to technical and non-technical stakeholders, ensuring timely and accurate updates.
Contribute to executive-ready reporting and operational briefings.
Track and report SOC Metrics (MTTA/MTTR, case volume, false positive rates, SLA compliance, escalation rates).
Identify recurring issues and propose corrective actions (process, detection, or tooling changes).

Requirements

5+ years of cybersecurity operations experience, including SOC monitoring and incident response.
1–2+ years in a lead/shift-lead role with demonstrated operational leadership.
Hands-on experience with SIEM/SOAR and alert triage workflows; ability to guide investigations end-to-end.
Strong understanding of incident response lifecycle, log analysis, and attacker techniques (e.g., MITRE ATT&CK).
Experience setting procedures/standards and improving operational processes in a 24x7 environment.
Familiarity with applying Artificial Intelligence (AI) or Machine Learning (ML) techniques in cybersecurity contexts (e.g., anomaly detection, threat hunting, behavioral analytics, or risk scoring).

Benefits

Medical/Dental/Vision coverage
401(k) plan
Tuition reimbursement program
Paid Time Off and Holidays (based on date of hire, at least 23 days of vacation each year and 9 company-designated holidays)
Paid Parental Leave
Paid Caregiver Leave
Additional sick leave beyond what state and local law require may be available but is unprotected
Adoption Reimbursement
Disability Benefits (short term and long term)
Life and Accidental Death Insurance
Supplemental benefit programs: critical illness/accident hospital indemnity/group legal
Employee Assistance Programs (EAP)
Extensive employee wellness programs
Employee discounts up to 50% off on eligible AT&T mobility plans and accessories, AT&T internet (and fiber where available) and AT&T phone.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cybersecurity operationsSOC monitoringincident responseSIEMSOARalert triagelog analysisMITRE ATT&CKArtificial IntelligenceMachine Learning

Soft Skills

operational leadershipcommunicationteam coordinationproblem-solvingprocess improvementtraining and developmentincident prioritizationtask delegationreportingstakeholder engagement