Security Operations Team Lead

Ariento
Franklin, TN

Salary: $75,000–$120,000  

Job Type: Full-Time, In-Person (Onsite Required) - Franklin, TN  

Benefits: 401(k), Health, Dental, Vision, Profit Sharing, PTO 

 

Position Overview 

The SOC Team Lead leads the Security Operations Center team responsible for 24/7 on-call monitoring, detection, analysis, and response to cybersecurity threats. This role ensures operational excellence, team development, and alignment with compliance frameworks such as NIST 800-171 and CMMC.

 

Key Responsibilities 

Leadership & Operations 

  • Oversee daily SOC operations, including shift coverage, alert ticketing system, vulnerability scanning, and incident response. 
  • Lead, mentor, and develop SOC analysts; provide coaching, feedback, and escalation support. 
  • Manage SOC workflows, performance metrics, and service delivery KPIs. 
  • Serve as the escalation point for critical incidents and coordinate cross-functional response. 
  • Manage the vulnerability program to identify and remediate vulnerabilities across the technology stack.

 

Technical & Incident Response 

  • Guide analysts through investigation, containment, and remediation activities. 
  • Ensure consistent use of SIEM, EDR, SOAR, and threat intelligence tools (e.g., Sumo Logic, Defender, Microsoft 365). 
  • Refine detection rules, playbooks, and response procedures. 
  • Conduct threat intelligence and vulnerability management. 

 

Compliance & Audit Readiness 

  • Execute and maintain security and compliance monitoring and audit functions. 
  • Support internal and client audits aligned with NIST 800-171, CMMC, and other standards. 
  • Own audit and control functions, ensuring separation of duties and documentation integrity. 
  • Support client audits by providing artifacts and being interviewed.
  • Maintain the audit documentation suite and work with clients to customize it to their needs.

 

Stakeholder Engagement 

  • Communicate incident details and SOC updates to internal and external stakeholders. 
  • Support onboarding of new SOC clients, including tuning and baselining. 
  • Collaborate with support and development teams to support broader security initiatives. 

 

Program & Process Improvement 

  • Identify opportunities to improve SOC effectiveness, automation, and efficiency. 
  • Contribute to service maturity, including documentation, KPIs, and operational standards. 
  • Conduct disaster recovery and incident response drills. 

 

Required Qualifications 

  • Bachelor's Degree 
  • Eligible for a tier three security clearance 
  • Minimum of 1 year of leadership experience, including people management. 
  • Experience with regulated environments (e.g., DoD, DFARS/CMMC, NIST 800-171). 
  • Ability to commute to the Franklin office (Franklin, TN 37064), or to relocate to Franklin, TN 37064 before starting work (required).
  • Experience with Microsoft 365. 

 

Preferred Skills & Certifications 

  • Hands-on experience with cybersecurity assessment/audits.  
  • Understanding of SIEM/EDR technologies, detection logic, and investigative methodologies. 
  • Experience with technical documentation (runbooks, diagrams, security controls, system security plans, accreditation packages, etc.).
  • Familiarity with MDR/SOC service environments. 
  • Certifications: CMMC Certified Assessor (CCA), CMMC Certified Professional (CCP) 