Job Closed
This listing is no longer active.
SOC Lead
Location
United States
Posted
70 days ago
Salary
0
Seniority
Lead
Job Description
SOC Lead
Palnar
Role Description The SOC Lead / Incident Manager will oversee 24x7x365 Security Operations Center (SOC) functions for the Congressional Budget Office vSOC program. This role requires strong leadership in incident response, SLA enforcement, and team management, with hands-on expertise in Microsoft Sentinel and Defender environments. The SOC Lead will serve as the escalation authority, ensuring operational excellence, audit readiness, and compliance with federal frameworks such as NIST SP 800-53 and FISMA. - Lead Tier I/II/III SOC operations with full escalation authority. - Enforce SLA-driven performance standards (≤15 min triage, ≤1 hr investigation, ≤2 hr escalation). - Oversee the incident lifecycle from triage through investigation, response, and closure. - Act as incident commander during high-severity events, coordinating stakeholder communication. - Review and approve incident classifications, escalations, and remediation actions. - Conduct daily/weekly operational reviews, tracking incident trends and performance metrics. - Collaborate with engineering teams to improve detection rules and reduce false positives. - Ensure all incidents are documented and audit-ready for compliance assessments. Qualifications - 8-10+ years of experience in SOC operations and incident management. - Strong expertise in Microsoft Sentinel, Defender XDR, and SIEM/SOAR platforms (Splunk, QRadar, ELK). - Proven ability to lead cross-functional SOC teams and enforce SLA compliance. - Hands-on experience with ServiceNow, Jira, Power BI, KQL, and Log Analytics. - Deep knowledge of NIST SP 800-53, NIST 800-61, FISMA, and FedRAMP frameworks. Requirements - Certifications (Preferred / Mandatory): - CISSP (Certified Information Systems Security Professional) - GIAC (GCIH / GCIA / GCFA) - Microsoft Certified: Security Operations Analyst (SC-200) - ITIL / PMP (optional but valuable for governance)
Related Guides
Related Categories
Related Job Pages
More Security Analyst Jobs
Role Description The Security Analyst plays a key role in protecting our organization by detecting, investigating, and responding to security incidents across our environment. This individual will operate on the front lines of our Security Operations Center (SOC), leveraging a variety of tools and intelligence sources to identify threats, contain issues, and continuously improve our defenses. The ideal candidate is detail-oriented, proactive, and eager to deepen their technical expertise in a fast-paced, collaborative security team. Responsibilities - Security Ticketing & Incident Response - Triage incoming security alerts and requests, ensuring timely communication and resolution in coordination with internal stakeholders. - Conduct first-line investigations using data from SIEM queries, IAM logs, and endpoint/cloud telemetry. - Execute approved containment and remediation actions (e.g., disabling user accounts, revoking tokens, quarantining assets). - Collaborate closely with IT, Security Engineering, and MSSP partners to escalate and resolve complex incidents. - Document investigation steps, outcomes, and lessons learned for future reference and process improvement. - Alerting & Threat Detection - Utilize security tools such as SIEM, DLP, EDR, and DSPM platforms to validate alerts, uncover misconfigurations, and identify potential threats. - Tune detection rules and contribute to continuous improvement of alert quality, reducing false positives. - Monitor threat intelligence feeds to identify new vulnerabilities and recommend practical mitigation strategies. - Partner with engineering teams to enhance visibility and strengthen detection coverage across systems and environments. - Improve How We Work - Draft, maintain, and refine SOPs and runbooks for recurring alerts and incident types. - Help define alert severity levels, SLAs, and escalation paths; identify opportunities for automation and workflow optimization. - Build lightweight dashboards and KPIs (e.g., alert volume, false positive rate, SLA attainment) to provide actionable insights to leadership. Qualifications - 2–4 years of experience in security operations, incident response, or threat detection. - Familiarity with SIEM, EDR, and related security tools (e.g., Splunk, Sentinel, CrowdStrike, etc.). - Understanding of IAM, cloud platforms (AWS, GCP, Azure), and basic network security principles. - Strong analytical and problem-solving skills, with attention to detail and documentation. - Excellent communication and teamwork skills. Requirements - Compensation Range: $55,000-$80,000. - This compensation range represents Cyera’s good faith and reasonable estimate of the range of possible compensation for this role at the time of posting, and Cyera may ultimately pay more or less than the posted range. - The final salary for this position will be determined in Cyera’s sole discretion, consistent with applicable law, and based on a variety of factors, including but not limited to the employee’s work experience, skills, and qualifications for the role, as well as the needs of Cyera’s business and other operational considerations. - This role may be eligible for potential merit increases based on factors such as individual or company performance, time in role, and other discretionary factors. Benefits - Ability to work remotely, with office setup reimbursement. - Competitive salary. - Unlimited PTO. - Paid holidays and sick time. - Health, vision, and dental insurance. - Life, short and long-term disability insurance.
Information Security Analyst
Grupo Adriano CobuccioA força de um Grupo que traz credibilidade e segurança.
• The professional will support the company's technical cybersecurity demands, performing preventive testing activities to ensure that security requirements are met, and engaging in monitoring, optimization, and first-level analysis and incident response. • The professional is expected to collaborate by proposing improvements to the company's cybersecurity posture.
• Endsight’s security analyst will serve as the primary technical support resource and coordinator between MSP clients, Endsight employees, and MSSP clients for security products. • The analyst will support our organization with deployment, support, consulting, evaluation, and other security duties in support of Endsight and the security department. • You’ll fit right in if you: • Take pride in helping others succeed • Love mastering your tools and improving your craft • Communicate clearly and stay composed under pressure • Are energized by teamwork and mutual respect • Want to grow in a place where your success helps everyone win
Role Description cFocus Software seeks a SOC Analyst to join our program supporting the Federal Communications Commission (FCC). This position is remote and requires the ability to obtain a Public Trust clearance. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience). - Experience in cybersecurity operations, incident response, or related SOC environment. - Familiarity with enterprise IT environments, networks, and security technologies. - Ability to analyze and interpret security data and alerts. - Experience with SIEM platforms (e.g., Splunk, QRadar, Sentinel). - Knowledge of endpoint detection and response (EDR) tools. - Understanding of networking fundamentals (TCP/IP, DNS, HTTP, etc.). - Familiarity with threat intelligence and common attack techniques. - Strong analytical and problem-solving skills. - Ability to work in a fast-paced, 24x7 operational environment. - Effective communication and documentation skills. Requirements - Role-appropriate cybersecurity certifications demonstrating competency in security operations and incident response. - Examples include: CompTIA Security+, CySA+, CEH, GSEC, or other relevant certifications. Duties - Monitor security events and alerts using SIEM and other security monitoring tools. - Analyze logs, alerts, and network traffic to identify potential security incidents. - Perform incident triage, investigation, and escalation in accordance with established procedures. - Document incidents, findings, and response actions in ticketing systems. - Support incident response activities and coordinate with internal teams as needed. - Follow and maintain SOPs, playbooks, and response procedures. - Identify false positives and tune detection rules where appropriate. - Support vulnerability management and threat detection initiatives. - Participate in continuous improvement of SOC processes and capabilities.

