Lead and manage SOC Analysts performing threat intelligence, incident response, and related cybersecurity functions.
Assign, prioritize, and monitor workload to ensure SOC coverage and timely completion of operational, project, and improvement tasks.
Supervise analytic quality, mentor staff, and promote professional growth and accountability.
Coordinate daily operations, staffing, and priorities with the other SOC Team Lead and the SOC Manager.
Represent the SOC in briefings, interagency meetings, and enterprise coordination activities as assigned.
Collaborate with other teams on cross-functional initiatives, maintaining awareness of and respect for their priorities and ensuring SOC contributions align with shared objectives.
Lead and participate in threat-hunting activities using enterprise telemetry, analytic queries, and intelligence sources to identify adversary activity and control gaps.
Direct incident response support activities by validating findings, guiding investigative next steps, and supporting escalation decisions with technical justification.
Direct the identification and validation of intelligence sources and oversee production of actionable threat reports, briefings, and recommendations.
Translate threat intelligence into operational analytic guidance for analysts, including investigative focus areas and analytic priorities.
Supervise threat hunting using a variety of telemetry and analytics platforms.
Manage receipt, triage, and analysis of incident reports; ensure adherence to escalation timelines and notification procedures.
Oversee situational awareness reporting, After-Action Report collection, and integration of lessons learned into SOC content and playbooks.
Coordinate investigations and intelligence sharing with the Florida Department of Law Enforcement (FDLE) and other partners.

Requirements

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field; equivalent experience may be considered.
4+ years of hands-on experience performing SOC analyst duties, including alert triage, incident analysis, threat intelligence production, and threat hunting.
At least 2 years demonstrated experience working directly with detection tools, including SIEM queries, correlation rules, dashboards, or detection content.
At least 2 years of experience maintaining structured case documentation, producing written analytic products, and briefing technical or leadership audiences.
Demonstrated hands-on experience conducting cyber threat intelligence analysis, incident investigation, and threat-hunting activities in a SOC environment.
Experience serving as a technical lead, senior analyst, or mentor responsible for reviewing and guiding the analytic work of others.
Relevant professional certifications preferred, such as CISSP, GCIH, GCTI, etc.

Benefits

DMS is committed to successfully recruiting and onboarding talented and skilled individuals into its workforce.
We recognize the extensive training, experience and transferrable skills that veterans and individuals with disabilities bring to the workforce.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

threat intelligenceincident responsealert triageincident analysisthreat huntingSIEM queriescorrelation rulesanalytic queriestelemetrystructured case documentation

Soft Skills

leadershipmentoringcommunicationcollaborationorganizational skillsaccountabilityanalytical thinkingproblem-solvingprioritizationteam management

Certifications

CISSPGCIHGCTI