Security Operation Center (SOC) Lead

Do you have a passion for security and protecting your environment from attackers? As a SOC Lead you will Lead the Security Operations Team that is focused on protecting our clients from the bad guys. The primary function of this position is to lead the team as well as participate with investigations, identification and reporting on cyber threats. You will coordinate resources during incident response efforts, assists with classifying security events, develop remediation guidance, support documentation and client reporting deliverables, and assists with system security compliance.

Responsibilities

  • Provide leadership to Security Operations Center Analysts

  • Provide security monitoring and incident response of cyber security events in a highly available Security Operation Center (SOC) that supports internal and external customers

  • Respond to cyber security tickets and provide analysis and trending of security log data from security devices as well as various security tool portals

  • Monitor and analyze Security Information and Event Management (SIEM) alerts to identify security issues for remediation and investigate events and incidents

  • Monitor all security logs and events

  • Provide proactive “threat hunting” to detect incidents

  • Tune rules and thresholds to improve fidelity of alerts

  • Prepare reports of analysis and results to provide briefings to management and clients

  • Provide Incident Response support when analysis confirms actionable incident

  • Investigate, document, and report on information security issues and emerging trends.

  • Mentor junior staff and interns

Requirements

  • Experience as a Senior Security Analyst leading a team

  • Experience with Security Operations Center, network event analysis and/or threat analysis

  • Experience working as an Incident Responder

  • Knowledge of various security methodologies and technical security solutions

  • Experience analyzing data from cybersecurity monitoring tools

  • Ability to analyze endpoint, network, and application logs

  • Experience tuning and/or configuring SIEM and vulnerability tools

  • Knowledge of common Internet protocols and applications

  • Scripting experience in Linux or PowerShell preferred

  • Bachelor’s degree in Computer Science, Information Technology or equivalent experience.

Apply Now

We’re here to help. Reach out to schedule an introductory call and learn more about how DruvStar can benefit your organization.

Scroll to Top

Get In Touch