SOC Analyst-Tier 3 Shift Lead

True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. Our culture and commitment have been recognized through numerous accolades, including being named one of the Best Places to Work in 2023 in two categories (“Prosperous and Thriving” ($5MM–$50MM in gross revenue) and “Mid-Atlantic Region” (DC, DE, MD, NC, VA, WV)), and again in 2025 as a Best Places to Work honoree. In addition, True Zero earned coveted spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025, a testament to our sustained growth driven by our people-first approach and unwavering dedication to excellence. Job Responsibilities Supervise and mentor SOC Analysts Assign and balance workload across analysts and shifts Monitor queue health, SLA compliance, and alert backlog Conduct regular performance check-ins Address quality gaps and provide corrective guidance Reinforce adherence to documented playbooks and procedures Primary Focus: Ensure consistent and effective analyst performance. Hands-On Monitoring & Investigation Perform daily alert triage alongside SOC Analysts Conduct investigations on moderate to high-severity alerts Lead or directly support complex or multi-system investigations Validate alert classifications and case documentation Participate in shift coverage as needed Primary Focus: Maintain technical engagement and operational credibility. Serve as the first escalation point for analysts Lead investigations for high-severity incidents Coordinate response actions with internal stakeholders Ensure timely and accurate communication during incidents Drive investigations to clear, defensible conclusions Primary Focus: Maintain operational control during critical events. Investigation Quality & Case Governance Review analyst investigations for accuracy and completeness Approve or return cases prior to closure Ensure proper evidence collection and timeline documentation Enforce consistent tagging, classification, and case hygiene Primary Focus: Protect the integrity of SOC output. Process & Continuous Improvement Maintain and update SOC playbooks and workflows Identify inefficiencies in monitoring or case handling Provide feedback on alert tuning and automation improvements Capture and integrate lessons learned Stakeholder Coordination Respond to formal information requests within defined SLAs Serve as liaison between SOC analysts and leadership Support audits, reporting, and compliance requirements Participate in shift handoffs and operational planning Primary Focus: Maintain trust and communication across teams. Workload Segmentation (Approximate) 30% – Direct Monitoring & Investigation Work 25% – Escalation & High-Severity Incident Leadership 20% – Team Management & Performance Oversight 15% – Investigation Quality Review & Case Governance 10% – Process Improvement & Documentation Percentages may shift during major incidents or staffing changes.