Supervisor - Security Operations Center

About The Position

Requirements

• College diploma or university degree in cybersecurity, computer science, information technology, or a related field; or a minimum of seven (7) years of equivalent work experience.
• Minimum of three (3) years of supervisory or team lead experience in security operations, incident response, or similar environment.
• Professional certifications such as CASP+, GIAC GSP, CISM, CISSP, or equivalent; additional certifications (e.g., CEH, GCIH, cloud security) preferred.
• Hands-on experience with SIEM, EDR, SOAR/XDR, firewall/IDS/IPS solutions, cloud-based monitoring tools, and threat intelligence platforms.
• Practical understanding of incident response, threat analysis, log/network analysis, and triage of security events across structured and unstructured environments.
• Familiarity with identity management systems, user access patterns, authentication flows, and privileged account monitoring.
• Strong understanding of network protocols, operating systems, endpoint behavior, and common attack techniques.
• Ability to create and manage high-quality, accurate documentation.
• Excellent written and oral communication and presentation skills for leadership, technical, and business audiences.
• Business acumen and understanding of risk management principles.
• Project management experience, including problem statements, use cases, and success criteria, is preferred.
• Ability to act calmly, decisively, and competently during high-pressure, high-stress situations.
• Critical thinker with strong problem-solving skills.
• High level of personal integrity, self-motivation, time-management skills, and professional maturity.
• Commitment to continuous learning and professional development.

Nice To Haves

• Previous experience in hospitality, gaming, or large enterprise environments (casino/resort operations a plus).
• Familiarity with data classification, data loss prevention (DLP), and data access monitoring.
• Experience with vulnerability management, patch management, or security compliance frameworks.

Responsibilities

• Lead, mentor, and develop the Cyber Security Operations team (Level 1–3 analysts), including talent acquisition, retention, and career development.
• Oversee daily monitoring of SIEM, EDR, SOAR/XDR, firewalls, identity platforms, cloud environments, and other security systems for suspicious or malicious activity.
• Coordinate triage, investigation, containment, and remediation of cybersecurity events, ensuring timely and accurate resolution.
• Develop, enhance, and enforce operational processes and procedures for alert triage, incident response, threat hunting, escalation, and post-incident reviews.
• Integrate threat intelligence and automation into SOC workflows to improve situational awareness and detection capabilities.
• Evaluate, refine, and approve updates to detection rules, dashboards, alert logic, playbooks, and automation scripts to improve efficiency and reduce false positives.
• Track and report key SOC performance metrics (e.g., MTTD, MTTR, false positive rates) and communicate findings to executive leadership, translating technical risks into business impact.
• Ensure proper documentation of security events, investigation notes, incident summaries, and root-cause analyses.
• Maintain inventories of security monitoring tools, telemetry sources, and protected systems; recommend new technologies as needed.
• Ensure SOC operations comply with relevant regulatory requirements (e.g., PCI DSS, GDPR, NIST) and participate in periodic reviews, audits, tabletop exercises, and readiness assessments.
• Foster a culture of continuous learning, professional development, and cross-functional collaboration with IT, business, and compliance teams.
• Provide training, mentoring, and performance feedback to Cyber Security Analysts.
• Act calmly, decisively, and competently during high-pressure, high-stress situations.
• Other duties as assigned.