Security Operations Center (SOC) Manager/Team Lead

Location

• Franklin, TN (Onsite required) 

Compensation

• Salary Range: $100,000–$130,000 (Manager level)
• Benefits: 401(k), Health, Dental, Vision, Profit Sharing, PTO

Position Overview

The SOC Team Lead or Manager leads the Security Operations Center team responsible for 24/7 on call monitoring, detection, analysis, and response to cybersecurity threats. This role ensures operational excellence, team development, and alignment with compliance frameworks such as NIST 800-171 and CMMC.

Key Responsibilities

Leadership & Operations

• Oversee daily SOC operations, including shift coverage, alert ticketing system, vulnerability scanning, and incident response.
• Lead, mentor, and develop SOC analysts; provide coaching, feedback, and escalation support.
• Manage SOC workflows, performance metrics, and service delivery KPIs.
• Serve as the escalation point for critical incidents and coordinate cross-functional response.
• Manage vulnerability program to identify and remediate vulnerabilities across the technology stack.

Technical & Incident Response

• Guide analysts through investigation, containment, and remediation activities.
• Ensure consistent use of SIEM, EDR, SOAR, and threat intelligence tools (e.g., Sumo Logic, Defender, Microsoft 365).
• Refine detection rules, playbooks, and response procedures.
• Conduct threat intelligence and vulnerability management.

Compliance & Audit Readiness

• Execute and maintain security and compliance monitoring and audit functions.
• Support internal and client audits aligned with NIST 800-171, CMMC, and other standards.
• Own audit and control functions, ensuring separation of duties and documentation integrity.
• Support Client audits by providing artifacts and being interviewed.
• Maintain audit documentation suite and work with Clients to customize to their needs.

Stakeholder Engagement

• Communicate incident details and SOC updates to internal and external stakeholders.
• Support onboarding of new SOC clients, including tuning and baselining.
• Collaborate with support and development teams to support broader security initiatives.

Program & Process Improvement

• Identify opportunities to improve SOC effectiveness, automation, and efficiency.
• Contribute to service maturity, including documentation, KPIs, and operational standards.
• Conduct disaster recovery and incident response drills.

Required Qualifications

• 3–5 years of leadership experience, including people management.
• Strong understanding of SIEM/EDR technologies, detection logic, and investigative methodologies.
• Experience with regulated environments (e.g., DoD, DFARS/CMMC, NIST 800-171).
• Hands-on experience with log aggregation, malware analysis, incident response and DevOps environments.

Preferred Skills & Certifications

• Experience with Sumo Logic and Microsoft 365.
• Certifications: Security , CySA , GCIH, GCIA, CISSP, CCA, CCP
• Familiarity with MDR/SOC service environments and client onboarding.