Location: Remote (US-based) About Dispel: Dispel is the fastest-growing cybersecurity company recognized in the 2025 Cybersecurity Excellence Awards. We deliver zero trust secure remote access and real-time data streaming for operational technology (OT) and industrial control systems (ICS). Our patented Moving Target Defense technology — referenced in NIST 800-172 — protects critical infrastructure for utilities serving 54 million+ people, manufacturers producing over 50% of US baby formula, and major defense contracts including a $950M IDIQ with the US Air Force. Why This Role Exists: Dispel is pursuing FedRAMP High authorization while simultaneously operating a commercial security program. We have a functioning SOC built on Google SecOps (Chronicle) and SentinelOne, but we need a senior IC who can take it from "stood up" to "operationally mature." Today our SIEM ingests approximately 35% of total log sources. Our federal environment is at 75% coverage; commercial AWS sits at 30%; Azure and Entra ID are at 0%. Our MSSP recently transitioned and needs an internal technical owner to drive accountability. Our detection library, SOAR playbooks, and vulnerability dashboards are in draft or partially built. This person will be the day-to-day technical owner of SOC operations, responsible for closing coverage gaps, building detections, maturing incident response, and providing senior technical direction to the existing SOC analyst. This is a hands-on-keyboard role with leadership expectations — you will not formally manage people, but you will set priorities, review deliverables, and drive execution across the SOC function.

• Execute SOC Operational Strategy • Oversee all global SOC operations, ensuring alignment with MassMutual’s cybersecurity strategy and regulatory requirements • Review SOC metrics, staffing needs, and budget requirements with security leadership • Drive Threat Detection & Incident Response Excellence • Lead the response to cybersecurity events and critical incidents, ensuring appropriate analysis, prioritization, escalation, and communications • Ensure structured and consistent incident handling processes across all SOC tiers • Strengthen Enterprise Communication & Decision Support • Act as the escalation and communication liaison with senior leadership and other critical stakeholders • Ensure timely, risk-aware decisions and clear communication of incident impacts and recommended actions • Advance Detection Engineering & Automation Capabilities • Partner with Detection Engineering and Security Platforms to optimize SIEM/SOAR alerting logic, tuning, and playbook development • Expand automation to improve analyst efficiency and response consistency • Develop & Inspire a High-Performing Global Team • Guide analyst growth through training, mentorship, certifications, and hands-on exercises • Foster a culture rooted in MassMutual values of inclusion, innovation, and continuous improvement

• Active Incident Response: Lead the identification and mitigation of high-impact security events. You will analyze sophisticated traffic patterns and implement precise countermeasures, including rate limiting and custom WAF & Security rules to neutralize threats in real-time. • Managed Security Delivery: Serve as a primary security consultant for MSS Customers. This involves continuous tuning and refining of security policies to optimize detection accuracy and maintaining a hardened security posture tailored to each client's unique environment. • Advanced Threat Hunting: Conduct data-driven investigations using log analysis to uncover potential threats and hardenings opportunities • Security Intelligence & Reporting: Author comprehensive After Action Reports (AARs) and monthly security summaries. You will translate complex telemetry and attack data into high-level actionable insights for customer stakeholders. • Strategic Communication: Act as the Subject Matter Expert (SME) during active security incidents. You will provide clear, calm, and professional guidance via real-time communication channels, ensuring customers are informed and confident in our defensive strategy.

• A SOC intern assists the Security Operations Center team by monitoring security alerts and events in real-time • Analyzing potential threats • Investigating incidents • Learning to respond to cybersecurity issues using various security tools, all while gaining practical experience in the field of cybersecurity under the guidance of experienced analysts • Key responsibilities include threat monitoring, incident triage, log analysis, and reporting on potential security breaches.