Security Operations Team Lead

Atlanta2w ago

Seniority: Lead

About the role

<h2>The Company</h2> Every day, NuHarbor Security improves the cybersecurity of our clients by making it stronger and easier to understand.  Our comprehensive suite of security services, from strategic advising to 24-hour monitoring and management, provide an organizational view of security that is focused on results and recommendations that are valuable for both business and technical leaders.  We’re growing quickly because our clients, and the general market, are looking for these outcomes and for the data it gives them to explain, promote, and justify, their security investment and mission. <h2>The Role</h2> The SOC Team Lead role serves as the technical and operational management head of a portion of the NuHarbor Security Analyst team.  The Team Lead reports directly to the Security Operations Manager and is accountable to ensure that the Analyst team operates effectively, professionally, in a timely manner and in the best interest of NuHarbor Security and our clients.  What you’ll do <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Lives by the NuHarbor corporate values: Help Clients Win, Always Improve, Protect the House. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="2" data-aria-level="1">Are responsible and accountable for analyzing security alerts, events, and trends to effectively communicate the value of NuHarbor services. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="3" data-aria-level="1">Conduct investigations independently and provide actionable, context-relevant escalations and recommendations to clients. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Support the Security Analyst team with alert triage, classification, disposition, and escalation within SLA requirements. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="5" data-aria-level="1">Serve as the primary technical escalation point for complex or high-severity security incidents. Guide the investigation and response efforts to ensure timely and effective remediation. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="6" data-aria-level="1">Perform regular quality assurance checks on analysts’ work, including alert triage, investigation notes, and incident reports, to ensure accuracy, thoroughness, and adherence to established procedures. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="7" data-aria-level="1">Provide constructive, real-time feedback to analysts on their technical work and help them develop their skills in areas like forensics, malware analysis, and threat hunting. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="8" data-aria-level="1">Contribute to the development, documentation, and refinement of SOC processes, standard operating procedures (SOPs), and incident response playbooks. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="9" data-aria-level="1">Lead and participate in proactive threat hunting activities and assist in the analysis of emerging threats, vulnerabilities, and security trends. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="10" data-aria-level="1">Develop, implement, and improve documentation and operational processes. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="11" data-aria-level="1">Train, mentor, and support junior analysts autonomously. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="12" data-aria-level="1">Perform threat hunting in client environments. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="13" data-aria-level="1">Develop automation playbooks to reduce alert volume and increase alert fidelity. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="14" data-aria-level="1">Develop and tune detections to support NuHarbor Detection Engineering Strategy. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="15" data-aria-level="1">Develop recommendations and enhancements to mature a client’s cybersecurity program. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="16" data-aria-level="1">Demonstrate a team-first mindset and proactively support operations without direct leader assignment.   </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="17" data-aria-level="1">Communicate effectively with leadership regarding escalations or advanced threats that require additional after-hour support. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="18" data-aria-level="1">Perform 1 on 1 meetings with SOC analysts. </li> </ul> Your foundation.  The requirements for this role: <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="34" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Bachelor’s Degree in a related field and five (5) or more years in Information Technology. </li> </ul> <ul> <li data-leveltext="o" data-font="Courier New" data-listid="34" data-list-defn-props="{"335552541":1,"335559685":1440,"335559991":360,"469769226":"Courier New","469769242":[9675],"469777803":"left","469777804":"o","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="2">In lieu of a degree, two (2) years of experience in a related technology field and relevant industry certifications are required. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="19" data-aria-level="1">Demonstrated experience with SOC operations, executing security event triaging and tuning. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="20" data-aria-level="1">Demonstrated experience writing runbooks and support procedures. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="21" data-aria-level="1">Demonstrated experience as a technical lead for security operations. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="22" data-aria-level="1">Strong understanding of Incident Response phases and demonstrated experience responding to security incidents. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="23" data-aria-level="1">Demonstrated experience with security event triaging and threat hunting executed through both a SIEM and EDR toolset. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="24" data-aria-level="1">Demonstrated experience with Endpoint Detection and Response (EDR) or Security Orchestration Automation and Response solutions. </li> </ul> <ul> <li data-leveltext="o" data-font="Courier New" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":1440,"335559991":360,"469769226":"Courier New","469769242":[9675],"469777803":"left","469777804":"o","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="2">CrowdStrike </li> </ul> <ul> <li data-leveltext="o" data-font="Courier New" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":1440,"335559991":360,"469769226":"Courier New","469769242":[9675],"469777803":"left","469777804":"o","469777815":"hybridMultilevel"}" data-aria-posinset="2" data-aria-level="2">Splunk Enterprise Security </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="25" data-aria-level="1">Demonstrated experience with scripting in industry standard languages in a manner that supports automation solutions. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="26" data-aria-level="1">Demonstrated experience communicating and presenting to executive level client stakeholders. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="27" data-aria-level="1">Excellent written and verbal communication skills. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="28" data-aria-level="1">Previous experience in technical support or security-focused role. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="29" data-aria-level="1">Must be authorized to work within the United States. </li> </ul> Additional capabilities that will differentiate you for this role: <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="30" data-aria-level="1">Bachelor’s Degree and seven (7) or more years in the Information Technology field. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="31" data-aria-level="1">Holds at least two relevant industry certifications (GCFA, GCIH, CEH, CISSP, etc.) </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="32" data-aria-level="1">Technical writing and reporting experience. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="33" data-aria-level="1">Experience executing initial triaging and response through a SOAR platform. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="34" data-aria-level="1">Experience with multiple operating systems (Linux, MacOS, Windows), their command lines, processes, and file systems. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="35" data-aria-level="1">Experience with memory and storage forensics. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="36" data-aria-level="1">Experience with static and dynamic malware analysis. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="37" data-aria-level="1">Experience providing recommendations to harden existing security controls. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="38" data-aria-level="1">Experience identifying gaps within security control architecture. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="39" data-aria-level="1">Talent for communicating complex topics in an easily digestible manner. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="40" data-aria-level="1">Experience with data science techniques (clustering, anomaly detection, data normalization, etc.) </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="41" data-aria-level="1">General systems administrator experience. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="42" data-aria-level="1">Experience working with State and Local Government. </li> </ul> <ul> <li data-leveltext="›" data-font="Open Sans" data-listid="32" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Open Sans","469769242":[8226],"469777803":"left","469777804":"›","469777815":"hybridMultilevel"}" data-aria-posinset="43" data-aria-level="1">Experience working in multiple cybersecurity disciplines (i.e. RedSec, Threat, Information Assurance, Engineering, etc.) </li> </ul> Base Salary for this role is targeted at $130,000 - $150,000 annually. Additionally, this role is eligible for the company bonus plan at a 10% target. <h2>The Rewards</h2> What you can expect: <ul> <li>The engagement and support of company leadership who recognize the challenge of marketing a complex cybersecurity service in a chaotic market.</li> <li>An organization that recognizes and rewards employee commitment and contribution to our customers’ satisfaction and success</li> <li>Growth in your career and capabilities as you help to chart a path to improving customer interactivity and service adoption.</li> <li>A collaborative and driven working environment in a rapidly growing company and market</li> <li>A fun and social working environment where you are encouraged to be your true self.</li> </ul>   You can also expect competitive salary and benefits, including paid time to give back in your community and generous PTO. We are purpose driven. We, as an organization, above anything else protect the house first and then help our customers win.  If this sounds like the kind of organization you’d like to be a part of, we‘d like to hear from you.   AAP/EEO Statement The Equal Employment Opportunity Policy of NuHarbor Security is to provide a fair and equal employment opportunity for all associates and job applicants regardless of race, color, religion, national origin, gender, sexual orientation, age, marital status or disability. NuHarbor Security hires and promotes individuals solely based on their qualifications for the job to be filled. NuHarbor Security believes that employees should be provided with a working environment which enables each associate to be productive and to work to the best of his or her ability. We do not condone or tolerate an atmosphere of intimidation or harassment based on race, color, religion, national origin, gender, sexual orientation, age, marital status, or disability.  We expect and require the cooperation of all employees in maintaining a discrimination and harassment-free atmosphere.

Perks & benefits

Paid Time Off

741,000+ hidden jobs like this

nuharborsecurity and thousands of companies post here first — often days before LinkedIn or Indeed. Your first 5 applications are free; go Pro to apply without limits.

Everything Pro unlocks:

Unlimited applications — free stops at 5
Track every application in one place
Apply straight to the source, one click
Save & organize roles you love
Roles pulled from company boards before the big sites

Weekly

$9.99

$4.99/week

For an active search. Cancel anytime.

Get Weekly

Monthly

$24.99

$12.99/month

The smart pick. Save 35% vs weekly.

Get Monthly

Lifetime

$99

$49.99once

Pay once. Every future feature, forever.

Get Lifetime