Position: SOC Technical Lead
We are seeking a SOC Technical Lead who will serve as a technical mentor and strategic guide for the Security Operations Center. This role is focused on developing analyst capabilities, strengthening investigation quality, and driving consistent incident response practices. The ideal candidate will lead through guidance, coaching, and knowledge sharing, ensuring the SOC team operates with high efficiency and maturity.
Key Responsibilities
Act as a technical leader and mentor, guiding SOC analysts in effective triage, investigation, and response
Serve as the primary escalation point, providing direction on complex and high-severity incidents
Drive continuous learning and development within the SOC through structured training and hands-on coaching
Establish and promote best practices for incident investigation and response
Ensure analysts follow a consistent and high-quality approach to security event analysis
Conduct regular knowledge-sharing sessions, case reviews, and post-incident learning discussions
Guide the team in understanding attacker behavior, detection logic, and investigation techniques
Collaborate with Cyber Incident Response, Detection Engineering, and Threat Intelligence teams to enhance team knowledge and detection capabilities
Support and guide development of KQL queries, use cases, and detection rules
Provide direction on automation strategies using XSOAR and Sentinel
Monitor SOC performance and guide improvements to meet SLA, MTTD, and MTTR targets
Provide insights and recommendations to leadership on SOC maturity and improvements
Technical Skills Required
Microsoft Sentinel (SIEM)
XSOAR (SOAR)
Microsoft Defender Suite
KQL (Kusto Query Language)
MITRE ATT&CK Framework
Azure AD / Entra ID
Windows/Linux logs and authentication
Networking (TCP/IP, DNS, VPN)
Incident response lifecycle and threat hunting
Preferred Qualifications
Certifications: SC-200 / AZ-500 / Security+ / CEH
Experience in threat intelligence and IOC analysis
Exposure to cloud security (Azure/AWS/GCP)
Soft Skills
Strong mentorship and coaching mindset
Excellent analytical and problem-solving skills
Ability to guide teams in high-pressure situations
Clear and effective communication skills
Focus on continuous improvement and team development
UltraViolet Cyber is a leading tech-enabled managed security services provider, delivering unparalleled cybersecurity expertise that fills technology and talent gaps across Global 2000 and Federal Government customers. Founded and operated by security practitioners from the national intelligence community, UltraViolet Cyber connects offensive security, application security, detection and response, and security engineering to deliver a differentiated approach to cybersecurity operations. Transforming customers’ security programs, UltraViolet Cyber’s flagship security-as-a-service solution, UV Lens, removes complex operational silos, replacing them with integrated security capabilities. UltraViolet is headquartered in McLean, Virginia with technology centers across the world. Learn more at www.uvcyber.com.
