
SOC Technical Lead

Crest Security Assurance

Today
Secret
Senior Level Career (10+ yrs experience)
$146,000
No Traveling
IT - Security
Smyrna, GA (On-Site/Office)

Serve as the technical lead within a 24x7x365 Security Operations Center (SOC), supporting the leadership of a team of cybersecurity professionals during the primary shift of 8:00 AM to 5:00 PM on-site. This role is responsible for guiding the technical direction of SOC operations, including hands-on involvement in incident detection, analysis, containment, and remediation. The Technical Lead ensures that security technologies such as SIEM, SOAR, IDS/IPS, EDR, and threat intelligence platforms are effectively configured, maintained, and optimized to support real-time monitoring and response. Additional responsibilities include mentoring junior analysts, conducting technical training, developing playbooks and detection rules, and leading the technical response to complex or high-severity security incidents. The role also supports coordination of daily operations, ensuring team cohesion, readiness, and continuous improvement of SOC capabilities.

Responsibilities

* Provide technical knowledge and analysis of security incident responses.
* Perform forensic analysis of devices involved in incidents.
* Investigate potential intrusions and security events to contain and mitigate incidents.
* Research cyber-attacks, malware, and threat actors to determine potential impact and develop remediation guidance.
* Analyze network traffic and identify attack activity.
* Document incident response activities and lessons learned.
* Effectively communicate incident response activities.
* Provide monitoring and response capabilities.
* Regularly update and optimize queries and alerting rules.
* Maintain the confidentiality and integrity of the data within the SIEM.
* Provide timely and accurate reports to management.
* Collaborate with vendors to ensure proper best practices are enforced and recommendations are delivered.
* Validate suspicious events by performing investigations using the SIEM and the other tools available to the SOC, including threat intelligence, OSINT, TTPs, and IOCs.
* Leverage knowledge of Alert Triage, SOC Operations, and Defense in Depth (DiD) to contribute to the overall success of projects.
* Produce high-quality written and verbal communications, recommendations, and findings for management in a timely manner.
* Attend focus groups, training sessions, industry conferences, and skills enhancement opportunities.
* Provide timely escalation of events to appropriate teams and external parties.
* Possess and apply comprehensive knowledge across key tasks and high-impact assignments.
* Evaluate performance results and recommend major changes affecting short-term project growth and success.
* Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
* Ensure appropriate security controls are in place to safeguard digital files and vital electronic infrastructure.

Requirements:

Active Secret security clearance
7-10 years of related experience

DoD IAT II required certification/s (one of the following):

CCNA-Security
CySA+ (CSA+)
GICSP
GSEC
Security+ CE
CND
SSCP

CSSP-A required certification/s (one of the following):

CEH
GCIA
GCIH

Experience with the following skills/tools:

Mandiant Managed Defense (FireEye/Trellix NX)
Knowledge of Alert Triage
SOC Operations
Defense in Depth (DiD)
Splunk
Security Orchestration Automation and Response (SOAR)
Amazon Web Services (AWS)
EnCase

Location: No Telework Available - On-Premises in Smyrna, GA
