Remote
Principal Cybersecurity - Tier 3 Team Lead SOC Analyst - AT&T
Security Engineer
Lead a Tier‑3 Security Operations Center, defining operational standards, coordinating shifts, and driving advanced threat detection and response using SIEM, threat hunting, and vulnerability management while mentoring a team of analysts.
About the role
Key Responsibilities
- Define, implement, and enforce Tier‑3 SOC operational standards and procedures.
- Coordinate daily shift activities, ensuring seamless coverage and rapid escalation of security incidents.
- Lead advanced incident response and threat‑hunting investigations, leveraging SIEM platforms and custom scripts.
- Delegate administrative and operational tasks to analysts, providing mentorship and performance feedback.
- Collaborate with cross‑functional security teams to integrate vulnerability management findings into response workflows.
Requirements
- 5+ years of hands‑on experience in a SOC environment, with at least 2 years in a leadership or team‑lead role.
- Deep expertise with SIEM tools (e.g., Splunk, QRadar, ArcSight) and incident response frameworks.
- Proven ability to conduct threat hunting, malware analysis, and vulnerability assessments.
- Strong scripting or programming skills (Python preferred) for automation and data analysis.
- Excellent communication and decision‑making skills, with a track record of mentoring junior analysts.