What are the responsibilities and job description for the Tier 3 SOC Lead Analyst position at Merlin Group?
About Merlin Group
Merlin Group operates at the intersection of cyber innovation, national security, and technology-driven transformation. With a mission to accelerate the adoption of high-impact technologies across the U.S. public sector and regulated commercial markets, Merlin is uniquely structured around three core tenets – Invest, Enable, and Scale – each designed to address a specific stage of the technology lifecycle. Together, our affiliates – Merlin Ventures, CGC, and Merlin Cyber – form a flywheel that builds enduring capability for customers, partners, and the broader cyber ecosystem, operationalizing technological advancement into mission-ready, enterprise-grade solutions.
At Merlin, we believe our strength lies in our people. Team members are encouraged to be creative, collaborative, and nimble, pursuing paths to deliver the cutting-edge cybersecurity solutions that our customers rely on. From next-generation cyber defense to secure cloud and AI, we are united by one purpose – transforming innovation into mission impact.
The Opportunity
The Security Operations Center (SOC) is responsible for continuous monitoring, threat detection, and incident response across a multi-cloud environment supporting FedRAMP Moderate and High workloads. The team operates dual-stack SIEM architecture (Splunk and SentinelOne) serving customers across AWS, Azure, and GCP. We are expanding the team to deepen our operational capabilities and mature our security posture.
We are looking for a Senior SOC Analyst to serve as the T3 Lead, providing shift leadership and technical direction for the operations team. In this role, you will own day-to-day operational decisions, mentor junior analysts, and drive framework alignment across compliance control families. You will work closely with the SOC Manager to coordinate cross-team efforts with Engineering, GRC, and Infrastructure.
Primary Duties & Responsibilities
Required
We want to empower and inspire employees to be and do their best. Our workdays are dynamic, collegial, and fun. Our office features multiple places to work unconstrained by typical office barriers. Our wellness package provides access to an on-site gym and includes medical, dental, and vision insurance along with options for FSA and EAP. We offer 401(k) with employer match, unlimited PTO, and a culture respectful of the reality that not everything in one’s personal life is guaranteed to happen only after hours.
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.
www.themerlingroup.com
Merlin Group operates at the intersection of cyber innovation, national security, and technology-driven transformation. With a mission to accelerate the adoption of high-impact technologies across the U.S. public sector and regulated commercial markets, Merlin is uniquely structured around three core tenets – Invest, Enable, and Scale – each designed to address a specific stage of the technology lifecycle. Together, our affiliates – Merlin Ventures, CGC, and Merlin Cyber – form a flywheel that builds enduring capability for customers, partners, and the broader cyber ecosystem, operationalizing technological advancement into mission-ready, enterprise-grade solutions.
At Merlin, we believe our strength lies in our people. Team members are encouraged to be creative, collaborative, and nimble, pursuing paths to deliver the cutting-edge cybersecurity solutions that our customers rely on. From next-generation cyber defense to secure cloud and AI, we are united by one purpose – transforming innovation into mission impact.
The Opportunity
The Security Operations Center (SOC) is responsible for continuous monitoring, threat detection, and incident response across a multi-cloud environment supporting FedRAMP Moderate and High workloads. The team operates dual-stack SIEM architecture (Splunk and SentinelOne) serving customers across AWS, Azure, and GCP. We are expanding the team to deepen our operational capabilities and mature our security posture.
We are looking for a Senior SOC Analyst to serve as the T3 Lead, providing shift leadership and technical direction for the operations team. In this role, you will own day-to-day operational decisions, mentor junior analysts, and drive framework alignment across compliance control families. You will work closely with the SOC Manager to coordinate cross-team efforts with Engineering, GRC, and Infrastructure.
Primary Duties & Responsibilities
- Provide shift leadership and day-to-day operational direction for the SOC team
- Lead compliance framework alignment including control evaluation, gap analysis, and NIST 800-53 traceability
- Drive audit readiness through dry-run assessments, KPI validation, and evidence gap remediation
- Mentor T1 and T2 analysts on detection methodology, triage procedures, and engineering best practices
- Coordinate cross-functional dependencies with Engineering, GRC, and Infrastructure teams
- Contribute to operational planning, transition readiness, and continuous improvement initiatives
Required
- 5 years of SOC experience with at least 2 years in a senior or lead analyst capacity
- Deep familiarity with NIST 800-53, FedRAMP control families, and compliance evidence requirements
- Hands-on experience with SIEM platforms such as Splunk and/or SentinelOne
- Strong mentorship ability across triage, detection engineering, and incident response
- Experience operating in multi-cloud environments (AWS, Azure, GCP)
- Experience leading SOC teams through FedRAMP audit cycles
- Familiarity with MITRE ATT&CK framework and detection coverage mapping
- Background in detection-as-code practices and version-controlled rule management
- Experience with SOAR platforms and automated incident response workflows
- Prior work in a managed security services or multi-tenant SOC environment
- Ability to operate in a fast-paced, growth-oriented environment
- Strong collaboration across distributed teams
We want to empower and inspire employees to be and do their best. Our workdays are dynamic, collegial, and fun. Our office features multiple places to work unconstrained by typical office barriers. Our wellness package provides access to an on-site gym and includes medical, dental, and vision insurance along with options for FSA and EAP. We offer 401(k) with employer match, unlimited PTO, and a culture respectful of the reality that not everything in one’s personal life is guaranteed to happen only after hours.
All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.
www.themerlingroup.com