Security Operations Center (SOC) Lead

For US Citizens Only

Must reside in Arizona since this is a hybrid role.

This position requires limited traveling (10%) to regional SOCs.

Position Description:

• The Regional Security Operations Center (RSOC) Lead is responsible for supporting and overseeing Regional Security Operations Centers (RSOC).
• This role will aid the SOC Manager in coordinating cybersecurity efforts, managing daily operations, and enhancing the SOC’s capability to detect, prevent, and respond to security threats.
• The ideal candidate is detail-oriented, highly collaborative, and possesses a strong understanding of cybersecurity principles.

Must Have:

• 1–3 years of hands-on experience in a Security Operations Center (SOC), cybersecurity, or IT operations role.
• Strong understanding of cybersecurity principles, including threat analysis, threat monitoring, and incident response.
• SIEM tools, firewalls, and other security technologies.
• Familiarity with automation tools for incident response or security operations.
• Demonstrated ability to identify and implement improvements to SOC operations or incident response protocols.
• Proven ability to monitor and respond to security incidents, ensuring timely containment, investigation, and remediation.
• Experience supporting the implementation of cybersecurity policies, procedures, and incident response protocols.
• Strong communication and organizational skills with the ability to work collaboratively with diverse teams and stakeholders.
• Experience mentoring or training team members in SOC operations.
• Strong skills in preparing reports and maintaining detailed incident logs, operational metrics, and documentation.
• Experience conducting hands-on training sessions, workshops, or educational initiatives for junior staff to foster cybersecurity skills.

Skills Required:

• Experience Required: 1-3 years of experience in a SOC, cybersecurity, or IT operations role.
• Education Preferred: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Relevant certifications: E.G., CompTIA Security , CISSP, CISM are a plus.
• Operational Support: Assist with daily security operations, ensuring consistent communication and effective response to emerging threats across all SOCs in the region. Support implementation of cybersecurity policies, procedures, and incident response protocols. Coordinate resources and activities among regional SOCs to standardize and enhance security operations.
• Incident Response and Threat Monitoring: Monitor and respond to security events in collaboration with the regional SOC teams, ensuring timely containment, investigation, and remediation of incidents. Assist in analyzing security incidents to determine root causes, impacts, and resolution strategies. Coordinate with regional IT and security staff to facilitate a cohesive response to security threats.
• Training and Mentorship: Mentor and train involved in SOC operations, fostering a learning environment and developing essential cybersecurity skills. Collaborate with the SOC Manager to conduct hands-on training sessions and workshops to improve the cybersecurity skills.
• Documentation and Reporting: Prepare reports and documentation related to SOC activities, including incident response logs, weekly updates, and monthly operational reports. Maintain accurate records of security incidents, resolutions, and operational metrics to inform continuous improvement.
• Collaboration and Relationship Management: Serve as a point of contact between the SOC Manager, stakeholders, and regional IT/security staff. Participate in regular SOC meetings, regional cybersecurity initiatives, and interdepartmental coordination to maintain alignment across all operations.