Job Specifications
Location
Franklin, TN (Onsite required)
Compensation
Salary Range: $100,000–$130,000 (Manager level)
Benefits: 401(k), Health, Dental, Vision, Profit Sharing, PTO
Position Overview
The SOC Team Lead or Manager leads the Security Operations Center team responsible for 24/7 on call monitoring, detection, analysis, and response to cybersecurity threats. This role ensures operational excellence, team development, and alignment with compliance frameworks such as NIST 800-171 and CMMC.
Key Responsibilities
Leadership & Operations
Oversee daily SOC operations, including shift coverage, alert ticketing system, vulnerability scanning, and incident response.
Lead, mentor, and develop SOC analysts; provide coaching, feedback, and escalation support.
Manage SOC workflows, performance metrics, and service delivery KPIs.
Serve as the escalation point for critical incidents and coordinate cross-functional response.
Manage vulnerability program to identify and remediate vulnerabilities across the technology stack.
Technical & Incident Response
Guide analysts through investigation, containment, and remediation activities.
Ensure consistent use of SIEM, EDR, SOAR, and threat intelligence tools (e.g., Sumo Logic, Defender, Microsoft 365).
Refine detection rules, playbooks, and response procedures.
Conduct threat intelligence and vulnerability management.
Compliance & Audit Readiness
Execute and maintain security and compliance monitoring and audit functions.
Support internal and client audits aligned with NIST 800-171, CMMC, and other standards.
Own audit and control functions, ensuring separation of duties and documentation integrity.
Support Client audits by providing artifacts and being interviewed.
Maintain audit documentation suite and work with Clients to customize to their needs.
Stakeholder Engagement
Communicate incident details and SOC updates to internal and external stakeholders.
Support onboarding of new SOC clients, including tuning and baselining.
Collaborate with support and development teams to support broader security initiatives.
Program & Process Improvement
Identify opportunities to improve SOC effectiveness, automation, and efficiency.
Contribute to service maturity, including documentation, KPIs, and operational standards.
Conduct disaster recovery and incident response drills.
Required Qualifications
3–5+ years of leadership experience, including people management.
Strong understanding of SIEM/EDR technologies, detection logic, and investigative methodologies.
Experience with regulated environments (e.g., DoD, DFARS/CMMC, NIST 800-171).
Hands-on experience with log aggregation, malware analysis, incident response and DevOps environments.
Preferred Skills & Certifications
Experience with Sumo Logic and Microsoft 365.
Certifications: Security+, CySA+, GCIH, GCIA, CISSP, CCA, CCP
Familiarity with MDR/SOC service environments and client onboarding.
About the Company
Authorized CMMC Third Party Assessor Organization (C3PAO). Ariento provides cybersecurity, information technology (IT), and compliance services to small and mid-sized organizations. Comprised of a veteran team boasting decades of experience at the highest levels of the United States military and federal government, Ariento specializes in delivering best-in-class technology solutions that are secure and regulatory compliant. From consulting to fully outsourced IT services and more, Ariento gives business owners and executives...
Know more