Crest Security Assurance
SOC Technical Lead with Security Clearance
Job Location
Smyrna, GA, United States
Job Description
Serve as the technical lead within a 24x7x365 Security Operations Center (SOC), supporting the leadership of a team of cybersecurity professionals during the primary shift of 8:00 AM to 5:00 PM on-site. This role is responsible for guiding the technical direction of SOC operations, including hands-on involvement in incident detection, analysis, containment, and remediation. The Technical Lead ensures that security technologies such as SIEM, SOAR, IDS/IPS, EDR, and threat intelligence platforms are effectively configured, maintained, and optimized to support real-time monitoring and response. Additional responsibilities include mentoring junior analysts, conducting technical training, developing playbooks and detection rules, and leading the technical response to complex or high-severity security incidents. The role also supports coordination of daily operations, ensuring team cohesion, readiness, and continuous improvement of SOC capabilities.

Responsibilities
* Provide technical knowledge and analysis of security incident responses.
* Perform forensic analysis of devices involved in incidents.
* Investigate potential intrusions and security events to contain and mitigate incidents.
* Research cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance.
* Analyze network traffic and identify attack activity.
* Document incident response activities and lessons learned.
* Effectively communicate incident response activities.
* Provide monitoring and response capabilities.
* Regularly update and optimize queries and alerting rules.
* Maintain the confidentiality and integrity of the data within the SIEM.
* Provide timely and accurate reports to management.
* Collaborate with vendors to ensure proper best practices are enforced and recommendations are delivered.
* Validate suspicious events by performing investigations using the SIEM, the tools available to the SOC, threat intelligence and OSINT, TTPs, and IOCs.
* Leverage knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to projects for overall success.
* Produce high-quality written and verbal communications, recommendations, and findings to management in a timely manner.
* Attend focus groups, trainings, industry conferences, and skills enhancement opportunities.
* Provide timely escalation of events to appropriate teams and external parties.
* Possess and apply comprehensive knowledge across key tasks and high-impact assignments.
* Evaluate performance results and recommend major changes affecting short-term project growth and success.
* Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
* Ensure appropriate security controls are in place to safeguard digital files and vital electronic infrastructure.

Requirements:
* Active Secret security clearance
* Between 7-10 years of related experience
* DoD IAT II required certification (one of the following): CCNA-Security, CySA+ (CSA), GICSP, GSEC, Security+ CE, CND, SSCP
* CSSP-A required certification (one of the following): CEH, GCIA, GCIH
* Experience with the following skills/tools: Mandiant Managed Defense (FireEye/Trellix NX), knowledge of Alert Triage, SOC Operations, Defense in Depth (DiD), Splunk, Security Orchestration Automation and Response (SOAR), Amazon Web Services (AWS), EnCase

Location: No Telework Available - On-Premises in Smyrna, GA
Location: Smyrna, Georgia, US
Posted Date: 10/24/2025
Contact Information
| Contact | Human Resources, Crest Security Assurance |
|---|---|