What are the responsibilities and job description for the Security Operations Center Lead position at Moksh Tech?
Job Title: SOC Lead/Manager
Position Type: Full Time, Permanent
Location: Franklin, TN
Job Description:
Key Responsibilities
Leadership & Operations
• Oversee daily SOC operations, including shift coverage, alert triage and ticketing, vulnerability scanning, and incident response.
• Lead, mentor, and develop SOC analysts; provide coaching, feedback, and escalation support.
• Manage SOC workflows, performance metrics, and service delivery KPIs.
• Serve as the escalation point for critical incidents and coordinate cross-functional response.
• Manage vulnerability program to identify and remediate vulnerabilities across the technology stack.
Technical & Incident Response
• Guide analysts through investigation, containment, and remediation activities.
• Ensure consistent use of SIEM, EDR, SOAR, and threat intelligence tooling (e.g., Sumo Logic, Microsoft Defender, Microsoft 365).
• Refine detection rules, playbooks, and response procedures.
• Perform threat intelligence analysis and vulnerability management.
Compliance & Audit Readiness
• Execute and maintain security and compliance monitoring and audit functions.
• Support internal and client audits aligned with NIST 800-171, CMMC, and other standards.
• Own audit and control functions, ensuring separation of duties and documentation integrity.
• Support client audits by providing evidence artifacts and participating in auditor interviews.
• Maintain the audit documentation suite and work with clients to tailor it to their requirements.
Stakeholder Engagement
• Communicate incident details and SOC updates to internal and external stakeholders.
• Support onboarding of new SOC clients, including tuning and baselining.
• Collaborate with support and development teams on broader security initiatives.
Program & Process Improvement
• Identify opportunities to improve SOC effectiveness, automation, and efficiency.
• Contribute to service maturity, including documentation, KPIs, and operational standards.
• Conduct disaster recovery and incident response drills.
Required Qualifications
• Bachelor's Degree
• Eligible for a Tier 3 security clearance investigation
• 3–5 years of leadership experience, including people management.
• Strong understanding of SIEM/EDR technologies, detection logic, and investigative methodologies.
• Experience with regulated environments (e.g., DoD, DFARS/CMMC, NIST 800-171).
• Hands-on experience with log aggregation, malware analysis, incident response, and DevOps environments.
Preferred Skills & Certifications
• Experience with Sumo Logic and Microsoft 365.
• Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CCA, CCP
• Familiarity with MDR/SOC service environments and client onboarding.