Security Operations Team Lead

About The Position

Requirements

• Bachelor’s Degree in a related field and five (5) or more years in Information Technology.
• In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required.
• Demonstrated experience with SOC operations, executing security event triaging and tuning.
• Demonstrated experience writing runbooks and support procedures.
• Demonstrated experience as a technical lead for security operations.
• Strong understanding of Incident Response phases and demonstrated experience responding to security incidents.
• Demonstrated experience with security event triaging and threat hunting executed through both a SIEM and EDR toolset.
• Demonstrated experience with Endpoint Detection and Response (EDR) or Security Orchestration Automation and Response solutions.
• CrowdStrike
• Splunk Enterprise Security
• Demonstrated experience with scripting in industry standard languages in a manner that supports automation solutions.
• Demonstrated experience communicating and presenting to executive level client stakeholders.
• Excellent written and verbal communication skills.
• Previous experience in technical support or security-focused role.
• Must be authorized to work within the United States.

Nice To Haves

• Bachelor’s Degree and seven (7) or more years in the Information Technology field.
• Holds at least two relevant industry certifications (GCFA, GCIH, CEH, CISSP, etc.)
• Technical writing and reporting experience.
• Experience executing initial triaging and response through a SOAR platform.
• Experience with multiple operating systems (Linux, MacOS, Windows), their command lines, processes, and file systems.
• Experience with memory and storage forensics.
• Experience with static and dynamic malware analysis.
• Experience providing recommendations to harden existing security controls.
• Experience identifying gaps within security control architecture.
• Talent for communicating complex topics in an easily digestible manner.
• Experience with data science techniques (clustering, anomaly detection, data normalization, etc.)
• General systems administrator experience.
• Experience working with State and Local Government.
• Experience working in multiple cybersecurity disciplines (i.e. RedSec, Threat, Information Assurance, Engineering, etc.)

Responsibilities

• Lives by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House.
• Are responsible and accountable for analyzing security alerts, events, and trends to effectively communicate the value of NuHarbor services.
• Conduct investigations independently and provide actionable, context-relevant escalations and recommendations to clients.
• Support the Security Analyst team with alert triage, classification, disposition, and escalation within SLA requirements.
• Serve as the primary technical escalation point for complex or high-severity security incidents. Guide the investigation and response efforts to ensure timely and effective remediation.
• Perform regular quality assurance checks on analysts’ work, including alert triage, investigation notes, and incident reports, to ensure accuracy, thoroughness, and adherence to established procedures.
• Provide constructive, real-time feedback to analysts on their technical work and help them develop their skills in areas like forensics, malware analysis, and threat hunting.
• Contribute to the development, documentation, and refinement of SOC processes, standard operating procedures (SOPs), and incident response playbooks.
• Lead and participate in proactive threat hunting activities and assist in the analysis of emerging threats, vulnerabilities, and security trends.
• Develop, implement, and improve documentation and operational processes.
• Train, mentor, and support junior analysts autonomously.
• Perform threat hunting in client environments.
• Develop automation playbooks to reduce alert volume and increase alert fidelity.
• Develop and tune detections to support NuHarbor Detection Engineering Strategy.
• Develop recommendations and enhancements to mature a client’s cybersecurity program.
• Demonstrate a team-first mindset and proactively support operations without direct leader assignment.
• Communicate effectively with leadership regarding escalations or advanced threats that require additional after-hour support.
• Perform 1 on 1 meetings with SOC analysts.

Benefits

• The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.
• An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success
• Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.
• A collaborative and driven working environment in a rapidly growing company and market
• A fun and social working environment where you are encouraged to be your true self.
• You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO.