SOC Supervisor

CTS
Remote

About The Position

CTS delivers comprehensive IT solutions to meet the unique demands of mission-driven organizations. We have deep expertise in supporting nonprofits and educational institutions; however, our team is equipped to handle the complexities of IT across a variety of sectors. We’re committed to making technology work seamlessly, so our clients can focus on making a difference, regardless of their industry.

At CTS, we believe in building a company culture that fosters growth, collaboration, and innovation. By joining our team, you will not only help empower businesses with cutting-edge IT solutions but also build a rewarding career in a dynamic and supportive environment. Discover the many reasons why CTS is a great place to advance your career. We are headquartered in Brooklyn, NY with 90+ employees across the US and several other countries. Learn more about us at https://www.charterts.com.

We are seeking an experienced SOC Supervisor to lead the day-to-day operations of our Security Operations Center. This role is responsible for managing SOC personnel, overseeing alert and incident response workflows, ensuring service levels and quality standards are met, and driving continuous operational improvement.

The SOC Supervisor serves as both a tactical leader and a strategic manager. On the tactical side, this person oversees queue health, coordinates major incident response, removes blockers for engineers, and acts as the highest point of operational escalation. On the strategic side, the role focuses on people leadership, process governance, KPI reporting, quality assurance, and SOC maturity initiatives.

This is a leadership role for someone who can balance operational oversight, incident command, coaching and development, and continuous process improvement in a fast-paced managed services environment.

Requirements

  • Strong leadership and people management skills in a SOC, NOC, or security operations environment
  • Experience leading major incident response and serving in an incident command role
  • Deep understanding of SOC workflows, escalation paths, case management, and alert triage operations
  • Ability to manage queue health, prioritize competing operational demands, and maintain SLA performance
  • Strong communication skills with the ability to engage technical teams, customers, and executive stakeholders
  • Experience with QA reviews, documentation standards, and audit-ready case handling
  • Ability to use metrics and reporting to drive operational decisions and continuous improvement
  • Knowledge of playbook development, SOP governance, and process standardization
  • Familiarity with detection tuning, SOAR/automation opportunities, and operational tooling improvements
  • Strong coaching, mentoring, and performance management capabilities
  • Ability to stay calm and decisive in high-pressure situations
  • Strong organizational skills and ability to balance tactical response with strategic initiatives
  • 5+ years of experience in Security Operations, Incident Response, or Cybersecurity Operations
  • 2+ years of experience in a leadership, supervisory, or team lead role within a SOC or similar environment
  • Experience managing analysts or engineers across multiple levels of seniority
  • Proven experience overseeing security incidents, escalations, and operational workflows in a 24x7 or shift-based environment
  • Experience working with SOC tooling such as SIEM, SOAR, EDR/XDR, ticketing systems, and case management platforms
  • Strong understanding of incident response processes, threat detection, escalation management, and security operations best practices
  • Experience with KPI development, SLA tracking, and operational performance reporting
  • Familiarity with audit, compliance, and documentation requirements relevant to security operations

Nice To Haves

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field
  • Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, or equivalent

Responsibilities

  • Oversee daily SOC operations and monitor the health of the alert and ticket queue
  • Balance workloads across SOC team members to ensure efficient operations
  • Act as Incident Commander during critical or high-impact security incidents
  • Lead communications with customers, internal IT teams, and executive stakeholders during major incidents
  • Ensure the team consistently meets SLAs for triage, response, escalation, and resolution
  • Remove technical, operational, or cross-functional blockers impacting investigations
  • Serve as the highest point of operational escalation for the team or shift
  • Review handoff logs and ensure continuity across shifts
  • Lead, coach, and develop SOC staff across multiple experience levels
  • Conduct regular 1-on-1 meetings focused on performance, growth, and career development
  • Manage shift schedules, coverage plans, on-call rotations, and time-off requests
  • Build training plans and support skill development for junior and mid-level analysts
  • Address performance, behavioral, and engagement issues promptly and professionally
  • Foster a collaborative, accountable, and blameless team culture
  • Support internal talent progression and promotion readiness
  • Conduct regular QA reviews of closed, escalated, and high-impact tickets
  • Ensure SOC documentation is accurate, complete, professional, and audit-ready
  • Identify recurring quality issues or knowledge gaps across the team
  • Provide clear, actionable feedback to improve analysis quality and communication
  • Address stakeholder feedback related to investigation quality or customer communication
  • Enforce the use of approved playbooks, SOPs, and standardized workflows
  • Ensure team members contribute to the creation and maintenance of playbooks
  • Review and approve updates to core SOC processes and response procedures
  • Maintain operational compliance with internal standards and relevant regulatory requirements
  • Drive consistency in incident handling and reduce reliance on tribal knowledge
  • Analyze SOC metrics such as time to triage, time to contain, response efficiency, and queue aging
  • Identify process bottlenecks and implement workflow improvements
  • Advocate for tooling enhancements, automation opportunities, and detection tuning
  • Partner with Detection Engineering, Threat Intelligence, IT, and other teams to close operational gaps
  • Reduce analyst fatigue and false positives through process and technology improvements
  • Help mature the SOC from a reactive function into a proactive security operation
  • Generate and present KPI and performance reporting to leadership on a regular basis
  • Provide accurate, transparent updates on SOC operations, risks, and team performance
  • Represent the SOC in cross-functional meetings and stakeholder discussions
  • Proactively identify risks to service delivery, including staffing shortages, tooling issues, and process gaps
  • Take accountability for team outcomes and lead root cause analysis and corrective actions when issues arise

Benefits

  • Competitive compensation
  • Health Insurance (medical, vision, dental), 80% covered for employee-only plans and 75% covered for employee-spouse, employee-kids, and employee-family plans
  • Flexible Spending Account (FSA)
  • Health Savings Account (HSA)
  • Employee Assistance Program (EAP)
  • Retirement Plan (401(k)) with company match
  • Commuter Benefits
  • Short-Term Disability Insurance fully paid by the company
  • Long-Term Disability Insurance fully paid by the company
  • Life and AD&D Insurance, with optional Supplemental Life Insurance
  • Paid Time Off, including Paid Parental Leave
  • 10 Holidays
  • 2 Floating Holidays

What This Job Offers

Job Type

Full-time

Career Level

Manager

Education Level

No Education Listed

Number of Employees

11-50 employees

© 2024 Teal Labs, Inc