deepwatch

SOC Team Lead

deepwatch$118K — $125K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of SOC experience, preferably in a leadership role.
  • Proficient in SIEM tools like Splunk, Google SecOps, or Microsoft Sentinel.
  • Deep understanding of modern EDR, email security, and cloud identity platforms.
  • Expertise in Adversary Tactics, Techniques, and Procedures (TTP).
  • Ability to conduct thorough triage and incident investigations with minimal guidance.
  • Strong analytical skills to measure and communicate data effectively.
  • Certifications like GCIH, GCIA, or CISSP are preferred.

Responsibilities

  • Lead real-time detection and response to security incidents.
  • Mentor and educate analysts on best practices and efficient investigation techniques.
  • Oversee critical investigations and determine appropriate action plans.
  • Collaborate with leadership and teams to enhance SOC operations and customer service.
  • Conduct team training and share relevant information during regular sessions.
  • Utilize business intelligence insights to improve analysis and response strategies.
  • Support the Threat Response team during incidents or potential compromises.

Benefits

  • Medical, dental, vision, and disability insurance.
  • Flexible Time Off (FTO) paired with 12 company holidays and sick leave.
  • 8 weeks of Paid Parental Leave.
  • Unique professional development benefits with annual funding for growth.
  • Wellness contests and monthly educational programs.
  • 401(K) retirement program.
Full Job Description
SOC Team Lead

Reports to: SOC Manager

Location: Hybrid 3x week, Tampa, FL

Shift: 6AM-2PM EST

Reporting directly to the SOC Manager, the SOC Team Lead at Deepwatch will make a significant impact on global security. Our mission involves safeguarding organizations against the world's most advanced threats, and the Deepwatch Security Operations Center is your gateway to a diverse range of experiences. As a SOC Team Lead, you'll actively detect and respond to incidents in real-time to protect our valued customers. You will also take a proactive role in guiding analysts in cybersecurity related education, helping them achieve their goals. Additionally, you will tackle the hardest investigations a customer will have, ensuring that they get timely and comprehensive reports.

Deepwatch has a unique approach to how we support our customers and ultimately provide an experience not found anywhere else. You'll be an integral part of supporting our customers by understanding their bespoke environment, needs and challenges. You will be playing a key role in supporting some of the top organizations in the world, and have the opportunity to develop your skills by working with the best responders in the industry, your team and your shift!

In this role you'll get to:
  • Showcase your strong security knowledge by assisting in investigation mentoring, demonstrating efficient ways to pivot within SIEMs, and teaching industry best practices.
  • Act as the shift triage captain, identifying the appropriate actions to take throughout critical investigations, customer compromises, and network targeting.
  • Participate in projects aimed at improving SOC operations, enhancing customer retention, refining SOPs and customer service
  • Collaborate closely with leadership, customer service teams, and product owners to gain insight into new offerings and services.
  • Disseminate relevant information to your team through training sessions and regular touchpoints.
  • Leverage our world-class business intelligence team to extract actionable insights from big-data analysis.
  • Act as an additional resource for the Threat Response team when a compromise is discovered or when a customer declares an Incident.
  • Engage in peer review sessions to evolve and enhance the analysis quality for ticket escalations.

To be successful in this role, you'll need to:
  • Demonstrate 5+ years prior SOC experience as a technical escalation point or senior analyst, with the ability to support the team with escalations on an as-needed basis.
  • Identify opportunities for improvement, continuously measuring accuracy and quality of analysis performed.
  • Have a track record of working outside your team and across business units solve problems when the situation requires it.
  • Extensive expertise with SIEMs such as Splunk (required), Google SecOps, and/or Microsoft Sentinel including the ability to navigate the console with ease, perform queries that result in efficient investigations and accurate alert analysis.
  • Have in-depth understanding of modern EDR, email security, and cloud identity platforms.
  • A high-level understanding of Adversary Tactics, Techniques, & Procedures (TTP), full packet capture analysis, malware analysis, host forensics (Windows).
  • Advanced knowledge of Event Logging, Triage, and Analysis.
  • The ability to autonomously perform a complete and thorough triage and incident investigation with the proficiency to pivot to other log sources, cloud systems, or consoles as necessary and to act as the final point of technical escalation for customers and analysts.
  • Measure and tell a compelling story with data, not just throughput and performance.
  • Demonstrate experience working customer SLAs and contract requirements ensuring your team is delivering with quality and efficiency at all times.
  • Identify problems inside and outside of your team and demonstrate the Deepwatch "One Team" core value by being a strong voice in identifying and ensuring problems are resolved.
  • Train and mentor other analysts using qualitative measurement tools and techniques as well as act as a coach and support career pathing for your team in partnership with the People Team.
  • GCIH, GCIA, GDAT, GMON, GREM, OCSP, CISSP certifications preferred, not required.

Statutory Pay Disclosure

The anticipated salary range for this role is $118,00 - $125,000 + bonus + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.

ITAR Compliance

This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:
  • A citizen of the U.S.;
  • A lawful permanent resident of the United States;
  • A person admitted to the United States as a refugee; or
  • A person that has been granted asylum by the United States government.

The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.

What We Offer:

Deepwatch is excited to provide benefits designed to support team members and their families. Including:
  • Medical, dental, vision, and disability insurance
  • Flexible Time Off (FTO), 12 company holidays, sick leave and 8-Weeks Paid Parental Leave
  • Unique professional development benefits with Annual "development dollars" to support our people growth and development
  • Wellness contests and monthly educational programs
  • 401(K) retirement program
  • Learn more here: Deepwatch Benefits

About deepwatch

deepwatch is a cybersecurity company that provides managed security services. The company was founded in 2015 and is headquartered in Denver, Colorado. deepwatch offers a range of cybersecurity services, including threat detection and response, vulnerability management, and compliance management. The company uses artificial intelligence and machine learning to provide advanced threat detection and response capabilities. deepwatch is committed to providing exceptional customer service and helping its clients improve their cybersecurity posture.
Learn more about deepwatch
Size
100 employees
Industry
Founded
2015
Revenue
$10 million

Similar Jobs

More Jobs at deepwatch

  • deepwatch
    SOC Team Lead
    $118K — $125K *
    Tampa, FL 33647 (Hillsborough County)
    Information Technology
    Hybrid
  • deepwatch
    Manager, DevOps Engineering
    $178K — $213K *
    Tampa, FL 33647 (Hillsborough County)
    Information Technology
    Hybrid

More Information Technology Jobs

Find similar SOC Team Lead jobs: