World Wide Technology

Team Lead, Security Operations Center (SOC) - 2nd Shift

World Wide Technology$121K — $152K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • 5+ years in SOC operations or related security work, including 2 years in leadership roles.
  • Ability to balance security with business needs in a risk-managed environment.
  • Hands-on experience in incident response and operational security initiatives.
  • Strong experience in threat hunting, detection engineering, and cyber threat intelligence.
  • Proven success in workflow improvements and process maturity within SOC operations.
  • Excellent communication skills for clear documentation and reporting.
  • Bachelor's degree in relevant fields or equivalent experience.

Responsibilities

  • Lead and mentor a team of SOC analysts, focusing on career development.
  • Own shift coverage and escalation readiness for quality SOC operations.
  • Manage day-to-day execution of SOC activities, ensuring documentation quality.
  • Identify and eliminate workflow inefficiencies affecting response times.
  • Set priorities for detection engineering based on threat assessments.
  • Oversee tuning of detection tools to improve alert fidelity and reduce noise.
  • Ensure adherence to incident management protocols during investigations.

Benefits

  • Comprehensive health, dental, and vision coverage with onsite health centers.
  • Financial benefits including profit sharing and 401k Plan with company matches.
  • Generous paid time off of 20 days per year plus additional holidays and leave types.
  • Employee assistance programs and wellness initiatives for health support.
  • Additional perks such as pet insurance and employee discounts.
Full Job Description
Qualifications
  • 5+ years in SOC operations, detection engineering, threat hunting, incident response, or related operational security work, including 2+ years in a lead, senior, or team-coordination capacity.
  • Demonstrated ability to balance security principles with business realities in a risk-managed environment.
  • Hands-on experience across incident response, security operations, and security initiatives.
  • Strong background in SOC operations, detection engineering, threat hunting, or cyber threat intelligence.
  • Experience improving operational workflows, guiding analysts, and driving outcomes through process and technical maturity.
  • Strong written and verbal communication, with an emphasis on repeatable, audit-ready documentation.
  • Bachelor's degree in computer science, information security, or equivalent experience and certifications.
  • Applicants must be authorized to work in the United States. We are unable to provide sponsorship for this position.

Preferred
  • Experience owning or shaping SOPs, SLAs, runbooks, or incident governance processes.
  • Experience operating in environments with formal audit and compliance requirements.
  • Experience driving cross-team alignment through RACI models, scope boundaries, or operational ownership frameworks.

Success Looks Like
  • Leading a team that investigates consistently, with less friction and higher-quality documentation.
  • Strengthening detection fidelity and reducing noise through prioritized tuning and coverage improvements.
  • Governing incidents so they are handled, documented, and escalated in a way that holds up to audit.
  • Improving collaboration across SOC, engineering, and partner teams so remediation and ownership are clear.
  • Enabling the SOC to operate with greater speed, consistency, and accountability as detection and response needs mature.

Certain states and localities require employers to post a reasonable estimate of the salary range. A reasonable estimate of the current base pay range for this position is $121,600 to $152,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that are not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:
  • Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
  • Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
  • Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement

Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program



#LI-MP1

This position supports a 2nd shift schedule, Monday - Friday, from 4:00 PM to 1:00 AM CT.

About the Role

Our Security Operations Center (SOC) is seeking a SOC Team Lead to own day-to-day SOC execution, strengthen how the team operates, and advance the maturity of our detection and response capabilities. This role manages a team of analysts directly and is responsible for ensuring the SOC runs with clarity, consistency, and measurable results across security monitoring, detection engineering, threat hunting, incident response governance, and cross-functional coordination.

This role is available on 2nd shift (Monday - Friday, 4:00 PM-1:00 AM CST) and owns coverage, escalation readiness, and investigation quality for its shift. It's ideal for a leader who can balance hands-on security operations with people management, process ownership, and analyst development; improving how the SOC runs day-to-day while keeping incidents handled, documented, and escalated in line with established procedures.

Key Responsibilities

Team Leadership & People Management
  • Lead a team of SOC analysts as their direct manager, including coaching, performance management, and career development.
  • Own shift coverage, scheduling, and escalation readiness so the SOC maintains consistent quality across the shift's hours.
  • Develop analysts through mentorship and reinforcement of structured, evidence-based investigation practices.

SOC Operations Leadership (Execution, Quality & Continuous Improvement)
  • Own day-to-day SOC execution: queue health, triage consistency, escalation discipline, and documentation quality.
  • Set and reinforce expectations for how alerts, investigations, and incidents are handled across the team.
  • Identify and resolve workflow inefficiencies that slow response or create friction for analysts.
  • Turn recurring pain points into measurable process, automation, or documentation improvements.

Detection Engineering Direction & Threat-Informed Defense
  • Set detection engineering priorities based on threat intelligence, control gaps, incident learnings, and monitoring weaknesses.
  • Oversee tuning across SIEM, SOAR, EDR, NDR, and log analytics platforms to improve fidelity and reduce noise.
  • Ensure new detections, use cases, behavioral analytics, and ATT&CK-aligned content are actionable and fit SOC workflows.
  • Partner with platform owners and engineering teams to improve telemetry quality and close detection gaps.
  • Feed hunt findings, incident patterns, and control observations back into the detection pipeline.

Incident Response Governance
  • Ensure incidents are identified, tracked, escalated, and reported per established incident management procedures.
  • Reinforce severity-based response expectations, communications requirements, and required response artifacts across the incident lifecycle.
  • Ensure investigation timelines, decisions, evidence, and outcomes are documented clearly and defensibly.
  • Coordinate with leadership and partner teams during higher-severity incidents and retrospectives.
  • Operationalize audit log review, logging-failure escalation, and incident reporting obligations.

Cross-Functional Coordination
  • Coordinate with GRC, IAM, Infrastructure, Cloud, AppSec, Vulnerability Management, and other partner teams during investigations, follow-up, and control improvement.
  • Clarify ownership boundaries and keep handoffs timely and documented.
  • Translate SOC findings into remediation guidance and actionable follow-up for partner teams.
  • Support policy, audit, and leadership discussions with accurate operational context.

About World Wide Technology

World Wide Technology (WWT) is a technology solution provider that offers a wide range of services to businesses and organizations. The company was founded in 1990 and is headquartered in Maryland Heights, Missouri. WWT provides a variety of services, including consulting, design, integration, and managed services. The company has a strong focus on innovation and has been recognized for its efforts in this area. WWT has partnerships with many leading technology companies, including Cisco, Dell, and Microsoft. The company has a global presence, with offices in the United States, Europe, and Asia.
Learn more about World Wide Technology
Size
7,000 employees
Industry
Information Technology
Founded
1990
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at World Wide Technology

More Information Technology Jobs

Find similar Team Lead, Security Operations Center (SOC) - 2nd Shift jobs:

NationwideRemote