What are the responsibilities and job description for the Security Operations Center (SOC) Technical Lead position at MAD Security, LLC?
POSITION OVERVIEW
The SOC Technical Lead is the senior technical authority within MAD Security’s SOC, responsible for SOC technology integration, advanced security operations, and forensic investigations. This role is both hands-on and strategic, ensuring the SOC operates at the cutting edge of cybersecurity innovation.
The SOC Technical Lead is accountable for integrating and optimizing SOC technologies, including SIEM, SOAR, EDR, AI-driven threat detection, and forensic tools. This role also leads threat intelligence, security automation, and incident response initiatives, ensuring MAD Security’s SOC maintains world-class detection and response capabilities.
PRIMARY DUTIES AND ESSENTIAL FUNCTIONS
1. Leadership, Management, & Accountability (LMA)
- Serve as the technical mentor and SME within the SOC, guiding analysts in advanced detection and response techniques.
- Lead SOC technical operations, ensuring efficiency, accuracy, and compliance.
- Foster a culture of technical excellence, continuously enhancing SOC capabilities.
2. SOC Technology Integration & Optimization
- Lead and manage the integration of SOC technologies, ensuring seamless operation of SIEM, SOAR, EDR, AI-driven analytics, and threat intelligence platforms.
- Continuously enhance SOC security automation, orchestration, and AI-powered threat analytics.
- Research and deploy new technologies, including AI-driven detection and response capabilities.
3. Solution Architecture & Engineering
- Architect and maintain MAD Security’s SOC technology stack, ensuring cutting-edge detection and response.
- Design and implement security monitoring architectures to enhance threat visibility.
- Ensure seamless integration of security tools across on-premise and cloud environments.
4. Advanced Forensics & Incident Investigation
- Lead deep-dive security investigations, including digital forensics, malware analysis, and adversary tracking.
- Conduct threat-hunting operations leveraging MITRE ATT&CK and adversary TTPs.
- Develop advanced detection methodologies, ensuring proactive cyber defense.
5. Scoping/Architecture Lead & Compliance Alignment
- Define SOC architecture and response strategies to enhance MAD Security’s detection and incident response capabilities.
- Ensure SOC security tooling aligns with NIST, DFARS, and CMMC compliance standards.
REQUIRED QUALIFICATIONS
Experience Requirements
- 6 years in cybersecurity operations, with at least 3 years in a senior technical role.
- Proven expertise in threat intelligence, forensic analysis, and security tool integration.
- Strong background in SIEM/XDR automation, AI-driven threat detection, and security engineering.
- Hands-on experience with penetration testing, security automation (SOAR), and threat intelligence research.
Essential Skills
- SOC Technology Integration & Optimization – Ability to integrate and enhance SOC tools, automation, and AI-driven analytics.
- Forensic Investigations & Threat Hunting – Expertise in malware analysis, incident response, and adversary tracking.
- Incident Response & Threat Intelligence – Deep understanding of MITRE ATT&CK and real-world adversary tactics.
- AI-Powered Security & Automation – Experience with AI-driven threat detection, anomaly detection, and predictive analytics.
- Technical Mentorship & Training – Ability to develop and train SOC analysts in advanced security operations.
SUPERVISOR RESPONSIBILITIES
This position supervises Security Operations Center (SOC) employees.
LOCATION AND WORK ENVIRONMENT
While performing the duties of this job, the employee regularly works onsite in an office setting.
PHYSICAL DEMANDS
The physical demands described herein are representative of those which must be met by an employee to successfully perform the Primary Duties of this Job Description.
TRAVEL
Occasional travel may be required.
OTHER DUTIES
Please note this Job Description is intended to describe the general nature and level of work to be performed by the employee(s) assigned to this Job Title. It is not designed to contain nor be interpreted as a comprehensive and/or all-inclusive list of duties, responsibilities, and qualifications. MAD Security, LLC reserves the right to amend and/or change responsibilities to meet business and organizational needs, as necessary, with or without notice.
ABOUT MAD SECURITY, LLC
Founded in 2010, MAD Security is a Service-Disabled Veteran-Owned Small Business (SDVOSB) and a leading Managed Security Services Provider (MSSP). We specialize in safeguarding the defense industrial base, maritime, and government contractors with tailored cybersecurity solutions. Our robust services include SOC-as-a-Service (SOCaaS), Managed Detection and Response (MDR), Incident Response, GRC Gap Assessments, User Awareness Training, and Penetration Testing.
MAD Security integrates NIST frameworks into every solution, ensuring compliance with the highest federal standards while simplifying cybersecurity challenges for our clients. Recognized as a Top 250 MSSP for four consecutive years, we excel in providing proactive threat detection and mitigation through our award-winning Security Operations Center (SOC).
As a CMMC Registered Provider Organization (RPO), we have guided numerous contractors through CMMC Level 2 readiness, achieving milestones like perfect SPRS scores of 110 for clients. Our commitment to passion, integrity, and professionalism positions us as a trusted partner for defense and government organizations.
To learn more, visit www.madsecurity.com.