Position Summary:SOC Shift Lead is responsible for leading shifts the Security Operations Center (SOC) for a federal law enforcement agency. The SOC consists of a variety of highly skilled, technical staff performing Monitoring and Analysis, Cyber Incident Handling, Threat Intelligence & Hunting, non-compliance reporting, user activity monitoring, malware and forensic analysis, vulnerability assessments and penetration testing. Furthermore, the SOC Shift Lead coordinates 24x7 shift staffing to support mission-critical operations, including incident response, and manages surge support. Key Responsibilities: Supervise and manage a shift of Cyber Security Analysts within the SOC. Ensuring that team members are properly trained, motivated, and organized to effectively carry out their responsibility. Manage and optimize the use of SIEM and other security tooling. Active monitoring of Security events using SIEM (based on standard operating procedure). Oversee identification, investigation and response to security incidents. Maintain and improve security response plan. Effectively coordinate with internal and external stakeholder on security incidents. Keep updated with latest cyber security threats, trend and incorporate into threat intelligence. • Understanding of vulnerabilities in OS, Applications, Network devices and perform vulnerability assessments. Maintain comprehensive documentation of SOC processes, procedures and incident playbooks. • Generate regular SOC reports. Document all activities during an incident and provide leadership with status updates during the life cycle of the incident. Must comply with any regulatory requirements. Qualifications: Bachelor’s degree in computer science, Information Security, or related field. Master's degree or relevant certifications (e.g., BTL2, OSCP, CySA+, eCTHP) are a plus. 3+ years professional experience in information security and SOC monitoring. • Experience in supervision of security operations. You possess in-depth knowledge of security best practices and tooling such as EDR, AV, Firewalls, WAF etc. Strong ability to demonstrate analytical expertise, close attention to detail, excellent critical thinking, logic, and solution orientation. Willingness to learn and operate in a dynamic environment. You have experience in cyber-attack monitoring and incident handling. Please send your resume to the e-mail address by indicating job title in the subject line.
