Oversee day-to-day security monitoring, detection, and response activities, ensuring high-quality investigations and timely remediation of security events and incidents.
Act as the go-to escalation resource for analysts, providing hands-on guidance for complex investigations and ensuring consistency and depth in investigative outcomes.
Lead and coordinate complex security incidents end-to-end, while acting as a liaison between leadership and the SOC.
Lead SIEM-driven operations and continuously improve detection capabilities through use-case development, tuning, telemetry optimization, and enhanced coverage across security domains.
Break down strategic cybersecurity objectives into actionable workstreams, track progress, remove blockers, and ensure successful execution of team initiatives.
Create and refine incident response playbooks, SOPs, and automation opportunities to improve consistency, efficiency, and scalability of operations.
Track key operational metrics (MTTD, MTTR, alert fidelity) and conduct advanced threat analysis to inform decisions, strengthen defenses, and continuously improve security posture.
Requirements
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent practical experience).
Security+, GCIH, GCIA, GCED, or equivalent certifications.
5–8+ years of experience in cybersecurity operations or SOC environments
Proven experience leading or coordinating incident response activities
Hands-on experience with SIEM platforms and building detection-driven operations
Strong familiarity with security technologies such as EDR, NDR, email security, WAF, and identity/security monitoring tools
Tech Stack
Cyber Security
Benefits
Medical insurance
Dental insurance
Vision insurance
Basic life insurance
401k plan with 100% match for the first 4% contributed