Security Operations Center (SOC) Manager

WHO ARE WE

Blue Team Alpha is a team of highly educated, trained, experienced, and certified security professionals focused on the prevention, detection, and rapid response to modern cyber threats. We use a combination of people, processes, and technology to provide 24/7 Security Operations Center (SOC) monitoring, alerting, maintenance, tuning, research, analysis, incident response, and remediation services. 

We run towards the fire – when an attack occurs, we have our hands on keyboards within an hour. We pride ourselves on offering immediate expert assistance, both on an emergency and retainer-based approach. We also help clients proactively prepare for and defend against threats such as Business Email Compromise (BEC), ransomware, and shadow IT. We are on the hunt for highly qualified and experienced individuals who understand how to respond effectively and support our teams each day. We are a rapidly growing company and are looking for the right individuals to help grow our security operations division.

We offer our employees a robust compensation package! Our comprehensive benefits include medical, dental, and vision insurance coverage, 100% company-paid life and disability coverage, unlimited PTO after the first 100 days of employment, all remote, no office, work from home on company provided hardware and software. Blue Team Alpha proudly promotes diversity and inclusion from within as part of a strong commitment to providing career growth opportunities for employees of all levels. Our diverse business portfolio allows employees broad career options with the advantage of staying with the same organization.

Role and Responsibilities

The Security Operations Center (SOC) Manager is responsible for all SOC operations such as monitoring traffic, analyzing events, detecting and investigating suspicious activity, confirming incidents, alert triage, supervising SOC analysts, prioritizing tasks, coordinating with other teams, briefing customers, hunting and reporting threats, researching malware, detecting attacks, and preventing data loss or damage. Additional duties may include:

• Manage security tools and technology for endpoint defense, network defense, and cloud defense.
• Manage threat intelligence, threat hunting, malware research, signature analysis, and requests for information (RFIs).
• Support incident response, vulnerability management, and offensive security teams.
• Advise and assist in the creation or updating of policies and procedures.
• Provide technical leadership and guidance to SOC personnel.
• Support sales and marketing as a subject matter expert.
• Stay current and knowledgeable about emerging threats and trends.
• Assist with the testing and demonstration of new SOC tools, technologies, processes, and procedures.
• Ensure security controls protect information and assets from unauthorized access or intentional destruction.
• Participate in various projects related to information security such as attack simulations, purple team, and tabletop exercises.

60% SOC Management.
5% Threat Intel and RFIs.
20% Briefing and Reporting.
15% Other duties as assigned.

Job Purpose:

The Cyber Incident Response Manager is the expert leader responsible for managing cybersecurity incidents from initial assessment through resolution and beyond, acting as both a trusted advisor and a stabilizing force for businesses during their most challenging moments. This role requires a deep understanding of business operations to help clients prioritize system recovery and operational impact. Beyond incident response, the Cyber Incident Response Manager develops actionable roadmaps to strengthen the client’s cybersecurity posture, turning reactive efforts into proactive strategies. Speed, precision, and 100% customer satisfaction are paramount in this role.

Qualifications and Education Requirements

• Bachelor’s degree or equivalent work experience.
• 6 years’ experience working in a SOC.
• 4 years’ experience supervising SOC teams.
• Professional experience in Threat Intelligence, Incident Response, Threat Hunting, Malware Analysis, Digital Forensics, or similar.

Preferred Requirements

• Security related certifications
• Security related training

Required Skills

• Demonstrated understanding and working knowledge of SOC tools, technologies, policies, practices, and procedures.
• Maintains a high level of alertness and situational awareness.
• Strong/diverse technical background in enterprise security, event log analysis, investigating suspicious activity, and recognizing indications of compromise.
• Experience in virtualization technology such as Hyper-V and VMware ESX.
• Experience in cloud technologies such as Azure, AWS, & G-Suite.
• Must be able to solve problems without specific guidance.
• Conflict resolution, soft skills and organizational structure understanding.
• SIEM, EDR, AI, and rule set creation familiarity.

Preferred Skills

• Demonstrated experience contributing and collaborating effectively as a formal leader in a high-functioning team.
• Effective organizational, analytical, and independent problem-solving skills.
• Successful experience coordinating and completing multiple tasks within established and changing deadlines.
• Strong presentation skills with experience addressing and interfacing with executives and technical staff.
• Experience working in the DoD ecosystem, financial services, healthcare services, or other highly regulated/compliance-oriented environments.
• Experience with regulatory compliance issues.
• An enthusiasm or passion for the security industry.
• Strong time management and organizational skills.
• Familiarity with OT environments.

Job Types: Full-time, Contract