Role Overview
The SOC Manager / Incident Response Lead evaluates detection workflows, response processes, playbooks, and operational readiness. This role focuses on assessing incident timelines, triage quality, escalation logic, and consistency across SOC operations.
What You’ll Do
– Review detection alerts, triage workflows, and escalation pathways
– Evaluate completeness and quality of incident response actions
– Identify gaps in logging, detection coverage, and containment logic
– Summarize incident patterns and operational bottlenecks
– Validate playbooks for clarity, accuracy, and practical feasibility
– Support recurring assessments of SOC maturity and response operations
What You Bring
Must-Have:
– Experience in SOC operations, IR leadership, or cybersecurity operations
– Strong understanding of detection engineering, response workflows, and incident timelines
– Clear analytical writing and structured documentation ability
Nice-to-Have:
– Familiarity with SIEM platforms, EDR tools, and cloud-native detection systems
$40 – $80 an hour
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.
Apply info ->
To apply for this job, please visit jobs.lever.co
