Job Description
A dynamic IT services firm, with clients in 21 states, is seeking an experienced Senior Cyber Security Analyst / SOC Team Lead. This opportunity involves leading a robust, comprehensive cybersecurity team, focusing on governance, risk management, and incident response. You would be spearheading these initiatives and leading a focused cybersecurity team. This role requires a strong technical background in cybersecurity and the ability to collaborate effectively with cross-functional teams.
There is plenty of room for growth within the company, a fun, tech-savvy team to work with, and excellent compensation. This is a fully remote opportunity.
Responsibilities:
- Lead incident response efforts to promptly identify, contain, and mitigate security incidents, minimizing impact and ensuring timely communication to stakeholders.
- Manage the security incident response procedures. Develop and maintain incident response plans, run tabletop exercises, and continuously improve response processes.
- Conduct regular risk assessments to identify vulnerabilities and potential threats within client environments.
- Ensure compliance with industry regulations (e.g., GDPR, HIPAA) and client-specific security requirements.
- Implement and manage security monitoring tools to detect and respond to security events and anomalies.
- Regularly review logs and alerts, investigating potential security breaches.
- Implement the NIST Cybersecurity Framework.
- Manage SOC 2 requirements and implementation.
- Perform third-party and vendor security assessments.
- Manage the endpoint protection system.
- Manage security awareness and phishing simulation across the organization.
- Perform control self-assessments and internal security audits.
- Assist the Director of Security with building a cybersecurity team to achieve the above responsibilities.
- Assist the Director of Security in developing, reviewing, and improving the cybersecurity policies and procedures.
Skills:
- 5+ years of experience as a cybersecurity analyst or engineer.
- 1-3+ years of experience managing a team.
- Experience writing policies & procedures, playbooks and response plans.
- Certifications (at least one of the following): Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), GIAC Certified Incident Handler (GCIH) – Preferred, Certified Information Systems Auditor (CISA), CompTIA Security+
- Experience with security incident response, vulnerability management, and security monitoring tools.
- Ability to investigate and respond to security incidents, perform forensic analysis, and implement incident response procedures.
- Understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and network security architecture.
- Knowledge of threat landscapes, emerging security trends, and the ability to analyze and respond to security incidents.
- Proficiency in conducting risk assessments, identifying vulnerabilities, and recommending mitigation strategies.
- Familiarity with industry-standard frameworks such as NIST Cybersecurity Framework, ISO 27001, and PCI DSS.
- Experience with security tools such as SIEM (Security Information and Event Management), endpoint protection, data loss prevention (DLP), and intrusion detection systems (IDS).