SOC Manager

Job Summary

Hands-on and technically skilled, the full-time SOC Manager will design and operate the internal SOC, author detection rules, develop response playbooks, and manage a small team of analysts in a hybrid work environment based in Austin, TX.

Key Responsibilities

• Build out SOC processes, tooling, detection coverage, and analyst workflows while defining operating procedures and performance metrics
• Personally author detection rules and maintain a detection library mapped to MITRE ATT&CK, identifying detection opportunities across various log sources
• Own SOAR implementation and playbook development, operating the AI SOC platform to improve automation and reduce analyst toil

Required Qualifications

• 5+ years in security operations, with 3+ years in a SOC leadership or senior SOC engineer role involving hands-on technical output
• Proven personal detection authorship at field-logic level in a SIEM such as Splunk, Microsoft Sentinel, or equivalent
• Hands-on experience configuring SOAR playbooks and automated workflows
• Demonstrated ability to build SOC processes and workflows in early-stage environments
• Strong log source fluency to independently identify detection opportunities