$100K - 130K a year
The SOC Lead oversees the SOC team, coordinates incident response efforts, and develops security policies and procedures.
Candidates should have at least three years of SOC analyst experience and one year in a customer-facing technical role.
JOB SUMMARY

The SOC Lead position is a leadership role within the OneAxiom Security Operations Center (SOC), guiding the analyst team as it protects customers from cybersecurity threats. The role involves coordinating resources during incident response, overseeing security event investigations, developing technical guidance for the SOC, leading threat-hunting efforts, and providing oversight and review of detection engineering processes. The SOC Lead is also responsible for leading the technical account management efforts.

RESPONSIBILITIES

Key Responsibilities

Technical Leader
- Oversee operations of the SOC team, ensuring analysts conduct operations as prescribed in Standard Operating Procedures (SOPs) and service orders
- Develop and implement security policies and procedures for the SOC team
- Serve as the final technical escalation point for investigations from the SOC operations team

Incident Response
- Lead incident response efforts, especially for complex or large incidents
- Develop incident response SOPs and training plans
- Provide oversight and guidance for the development, configuration, and improvement of platforms used in incident response investigations

Detection Engineering
- Review detection rules written using Sigma and Kibana Query Language logic
- Lead and prioritize detection engineering efforts to counter newly emerging threats and ongoing campaigns targeting customer environments
- Provide QA of detection rules

Technical Account Management
- Serve as Technical Account Manager to enterprise-level customers
- Lead the technical account management team in authoring relevant SOPs and creating deliverables
- Answer customer inquiries regarding cybersecurity best practices

Threat Hunting
- Assist in conducting threat hunting using a variety of tools, including Bloodhound, SIEM offerings, and EDR offerings
- Provide oversight of written threat-hunting deliverables

MINIMUM QUALIFICATIONS

Candidates for this position should possess at least three years of hands-on analyst experience working in a security operations center. Additionally, candidates should have at least one year of experience in a direct customer-facing role providing technical or advisory services in the cybersecurity field.

RECOMMENDED QUALIFICATIONS

Ideal Candidates

The ideal candidate for this position will have extensive experience serving as a technical leader for multiple SOC analysts, leading teams in completing incident response investigations, and overseeing customer account management efforts. Ideal candidates will also have experience using SIEM platforms similar to Splunk, Elastic Stack, or OpenSearch Security, and EDR tools similar to SentinelOne, CrowdStrike Falcon, Carbon Black, or Microsoft Defender Endpoint. Additionally, ideal candidates will have strong leadership and communication skills.
This job posting was last updated on 4/22/2025