SOC Shift Lead

Position Summary:

SOC Shift Lead is responsible for leading shifts the Security Operations Center (SOC) for a federal law enforcement agency. The SOC consists of a variety of highly skilled, technical staff performing Monitoring and Analysis, Cyber Incident Handling, Threat Intelligence & Hunting, non-compliance reporting, user activity monitoring, malware and forensic analysis, vulnerability assessments and penetration testing. Furthermore, the SOC Shift Lead coordinates 24x7 shift staffing to support mission-critical operations, including incident response, and manages surge support.

Key Responsibilities:

• Supervise and manage a shift of Cyber Security Analysts within the SOC.
• Ensuring that team members are properly trained, motivated, and organized to effectively carry out their responsibility.
• Manage and optimize the use of SIEM and other security tooling.
• Active monitoring of Security events using SIEM (based on standard operating procedure).
• Oversee identification, investigation and response to security incidents. Maintain and improve security response plan.
• Effectively coordinate with internal and external stakeholder on security incidents.
• Keep updated with latest cyber security threats, trend and incorporate into threat intelligence. •     Understanding of vulnerabilities in OS, Applications, Network devices and perform vulnerability assessments.
• Maintain comprehensive documentation of SOC processes, procedures and incident playbooks. • Generate regular SOC reports.
• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident.
• Must comply with any regulatory requirements.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or related field. Master's degree or relevant certifications (e.g., BTL2, OSCP, CySA+, eCTHP) are a plus.
• 3+ years professional experience in information security and SOC monitoring. • Experience in supervision of security operations.
• You possess in-depth knowledge of security best practices and tooling such as EDR, AV, Firewalls, WAF etc.
• Strong ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation.
• Willingness to learn and operate in a dynamic environment.
• You have experience in cyber-attack monitoring and incident handling. 

Please send your resume to the e-mail address by indicating job title in the subject line.