Job Description:
• Lead and mentor cybersecurity professionals across threat hunting, cyber threat intelligence, detection engineering, and incident response.
• Develop and execute strategic initiatives to advance SOC maturity and enhance operational effectiveness.
• Oversee intelligence-driven threat‑hunting activities to identify and mitigate emerging security risks.
• Partner with detection engineers to refine detection capabilities, optimize SIEM rules, and develop behavioral analytics for advanced threat detection.
• Lead incident response activities, ensuring rapid containment, mitigation, and remediation of cybersecurity incidents.
• Conduct post-incident reviews to continually improve processes and strengthen prevention and response mechanisms.
• Oversee real-time security monitoring to ensure rapid identification and triage of threats and vulnerabilities.
• Collaborate with IT, Risk, Compliance, and senior leadership to communicate risks, trends, and strategic recommendations.
• Continuously assess SOC workflows, automation maturity, and tooling; maintain playbooks, SOPs, and supporting documentation.
• Ensure alignment with relevant frameworks (NIST CSF, ISO 27001), map detection and response coverage to MITRE ATT&CK, and prepare reporting on key security metrics and incident trends.
• Provide coaching, mentorship, and training to develop SOC team capabilities and support professional growth.
Requirements:
• Bachelor’s degree in Management of Information Systems or related field; Associate degree may be considered with relevant experience and certifications.
• Industry certifications such as CISSP, CISM, GIAC (GCIH, GCFA, GCTI), or CySA+ are highly desirable.
• 4–6 years of experience in a senior cybersecurity operations role, ideally within a SOC environment.
• Experience leading teams and collaborating effectively with service partners.
• Strong expertise in threat intelligence, threat hunting, detection engineering, and incident response methodologies.
• Hands‑on experience with SIEM, EDR/XDR, IDS/IPS, and SOAR technologies.
• Strong understanding of MITRE ATT&CK, NIST CSF, ISO 27001, and CIS Controls.
• Experience with scripting and query languages (Python, PowerShell, KQL) to automate and enhance security operations.
• Demonstrated ability to drive continuous improvement and innovation in SOC processes.
• Strong analytical and decision‑making skills under pressure.
• Excellent communication and leadership skills, able to engage both technical teams and executives.
• Knowledge of networking fundamentals (OSI model, TCP/IP, DNS, HTTP, SMTP) and cloud computing.
Benefits:
• Competitive compensation
• Medical, dental, and vision coverage
• Flexible and paid time off
• Remote work options
• Tuition reimbursement
• Employee assistance and wellness programs; life and disability insurance