Cyber Security SOC Manager

LED FastStartBossier City, LA
$136,000 - $184,000Onsite

About The Position

As the Cyber Security SOC Manager supporting VITA, this leader is the technical driver of the SOC's day-to-day operations and detection posture — architecting how the operation detects, responds, and improves, and keeping a finger on the pulse of the industry to know which tools and practices to integrate, replace, or retire. This role partners with the Operations Manager on the SOC's broader strategic direction; the SOC Manager brings the technical and architectural point of view to that partnership rather than setting strategy unilaterally. They lead the Tier I–III analyst team and are accountable for team performance, shift coverage, analyst development, and SLA compliance. They partner with an embedded SOC Analyst, Tier III, as their senior execution arm, building against the standards and architecture the SOC Manager defines. Deep hands-on command of Splunk is required, with strong working knowledge of Tenable and CrowdStrike used to design the SOC's detection pipeline, data model, and automation fabric. The SOC Manager is the senior escalation point for complex incidents and a credible customer interface — customer-facing, but grounded in technical authority rather than sales. Above all, this role drives measurable improvement: better performance, better reporting, fewer errors, lower cost where possible, and a more secure environment.

Requirements

  • BA/BS or equivalent
  • 5+ years of experience required in cybersecurity operations, including demonstrated supervisory or team-lead experience in a SOC environment.
  • Advanced SPL, dashboard development, automated alerting, and correlation-search creation in an operational SOC.
  • Tenable and CrowdStrike: Native data experience and interpretation skills, correlation with other data, and understanding of the integration with Splunk data and dashboards.
  • Must possess or be able to obtain within six months of start two of the following certifications to meet DoD 8140/DCWF CSSP Analyst requirements: CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, or PenTest+.
  • Must be able to pass a background check to obtain a position of Public Trust.

Nice To Haves

  • 8+ years of experience strongly preferred.

Responsibilities

  • Serve as senior escalation authority for complex, high-severity incidents; oversee containment and remediation, and ensure documentation and customer communication throughout the incident lifecycle.
  • Provide expertise with IOCs, TTPs, threat hunting, and threat intelligence; own customer-facing escalation and remediation.
  • Ensure the team recognizes intrusion attempts and triages, prioritizes, and escalates incidents per established runbooks.
  • Ensure detection of the full spectrum of known attacks (DDoS, malware, phishing, ransomware, and others) and correlation of events across capabilities.
  • Ensure malware analysis is reviewed and correlated across incidents, and that malicious activity is documented and reported with clear remediation recommendations.
  • Set the standards, priorities, and design for Splunk dashboards, reports, correlation searches, and alert actions that give analysts and leadership visibility into threat activity, SOC performance, and incident trends — the SOC Analyst, Tier III executes the build and maintenance.
  • Direct automated detection and correlation content that reduces analyst workload, cuts false positives, and speeds response to high-priority threats.
  • Oversee SPL searches, scheduled reports, and lookup-driven workflows; guide scripting (Python, PowerShell) that extends Splunk and supports automation.
  • Retain hands-on fluency in Splunk and CyberArk sufficient to direct the work credibly, validate quality, and step in when needed.
  • Align detections and logging with frameworks and controls: NIST 800-53, NIST CSF, PCI DSS, HIPAA, and SOX as applicable to the customer environment.
  • Set the tuning strategy for use cases, correlation rules, and alert logic to raise fidelity and reduce noise across the SOC; the Tier III analyst implements the changes.
  • Working knowledge of scripting (Python, PowerShell, or Bash) for automation, log parsing, and workflow integration — able to read and modify scripts to direct SOC automation.
  • Champion automation that cuts manual analyst burden, improves detection fidelity, and accelerates response, directing the Tier III analyst on implementation.
  • Lead, supervise, and develop the Tier I–III team; manage shift scheduling, performance expectations, and career development — using the SOC Analyst, Tier III as the senior execution arm for the Manager's technical vision.
  • Own SOC SLA compliance and performance reporting; deliver operational metrics, trend analysis, and executive briefings to program leadership and the customer.
  • Serve as the primary customer interface; manage expectations, communicate incident status, and build trusted relationships with VITA stakeholders.
  • Drive continuous improvement across processes, runbooks, and playbooks; run post-incident retrospectives and apply lessons learned.
  • Keep a finger on the pulse of the industry — continuously assess tools, platforms, and techniques for technical fit, and recommend what to integrate, replace, or retire across the detection and response stack.
  • Define the target-state SOC architecture — detection pipeline, data model, and automation fabric — and set the engineering standards the Tier III analyst executes against.
  • Partner with the Operations Manager on SOC strategy, contributing the technical and architectural perspective to shared strategic decisions rather than setting direction unilaterally.
  • Drive improvement by design: higher detection fidelity and performance, cleaner reporting, fewer manual errors, lower tooling and compute cost, and a stronger security posture.
  • Evaluate and prototype new capabilities before production; make build-vs-buy and integrate-vs-replace calls grounded in hands-on assessment.
  • Raise the team's engineering bar, mentoring analysts toward detection-engineering practices with the Tier III analyst as senior builder.

Benefits

  • Growth: AI-powered career tool that identifies career steps and learning opportunities
  • Support: An internal mobility team focused on helping you achieve your career goals
  • Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
  • Flexibility: Full-flex work week to own your priorities at work and at home
  • Community: Award-winning culture of innovation and a military-friendly workplace
  • variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
  • Full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
  • short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service