Lead day‑to‑day operations as a player/coach of the Security Operations Center (SOC) providing 24x7 monitoring, detection, and response across IT and OT environments
Manage SOC personnel, including staffing, training, performance management, and on‑call or shift coverage
Oversee incident detection, investigation, response, and escalation processes for both IT and industrial control system (ICS) environments
Drive adoption, governance, and continuous improvement of AI‑enabled SOC capabilities, including machine‑learning‑based detections, analytics, and response automation
Ensure traditional and AI‑driven detections and automation are properly tuned, measurable, explainable, and aligned with SOC procedures and risk tolerance
Manage relationships with Managed Detection and Response (MDR) providers, including onboarding, operational integration, SLAs, performance reviews, and escalation handling
Ensure effective monitoring and protection of OT/ICS, SCADA, and critical infrastructure environments in partnership with engineering and operations teams
Own SOC operational metrics and reporting, including detection and response times, alert quality, detection coverage, and automation effectiveness
Maintain SOC policies, procedures, playbooks, and documentation aligned with industry frameworks (e.g., NIST, MITRE ATT&CK, MITRE ATT&CK for ICS)
Collaborate with IT, OT, Infrastructure, Compliance, and executive leadership to continuously strengthen the organization’s security posture
Requirements
Bachelor's Degree (accredited) in Computer Science, MIS, or Business Administration, or, in lieu of a degree, a High School Diploma or GED (accredited) and 4 years of relevant work experience.
5 years of relevant work experience (in addition to the education requirement).
Experience managing or operating alongside Managed Detection and Response (MDR) or MSSP providers
Hands‑on experience with SIEM, SOAR, EDR, and security automation platforms
Working knowledge of OT/ICS security, including industrial networks and operational constraints
Proven track record managing security operations teams in large hybrid corporate environments
Certifications: CISSP, GCIH, GCED, GCIA, GICSP, CySA+, or equivalent
Experience leading SOC transformation initiatives involving automation, AI augmentation, and vendor consolidation