Lead SOC Analyst POST NUMBER: 448213
Lead SOC Analyst
Vaco is seeking a Lead SOC Analyst to join the team with one of our trusted local partners. This position requires both hands-on operational involvement and leadership responsibilities. The ideal candidate will oversee swing shift analysts, lead strategic initiatives to enhance team performance, identify operational gaps, improve processes and documentation, and effectively manage case prioritization across the team.
The Lead Analyst will directly supervise a team of junior and senior analysts during the swing shift and will report to the SOC Director. This is a full-time role offering a competitive base salary, quarterly discretionary bonuses, and comprehensive benefits. The standard shift runs from 1:00 PM to 9:00 PM or 12:00 PM to 8:00 PM (Phoenix Time).
Key Responsibilities:
-
Develop and update SOC procedures, protocols, and systems
-
Initiate and lead projects focused on technological and process improvements within SOC operations
-
Oversee staffing and scheduling to ensure operational efficiency
-
Act as the primary incident lead during major security events and handle customer escalations
-
Design and deliver training programs covering all SOC functions
-
Provide first-line supervision, mentorship, and leadership for swing shift team members
-
Hire, train, and evaluate analysts; conduct performance reviews and provide professional development support
-
Assist with alert triage and threat hunting as needed
-
Be available on-call for escalated incidents and emergency SOC coverage
Requirements:
-
Develop metrics and reporting systems to track team performance and success
-
Strong skills in analyzing packet captures, data, and logs to support incident response and identify potential threats
-
Deep understanding of TCP/IP, security architecture, and threat actor TTPs (tactics, techniques, and procedures)
-
Experience working with SIEM platforms such as RSA NetWitness, Azure Sentinel, or Splunk
-
Knowledge of incident response practices and associated reporting standards
-
Excellent written and verbal communication skills
-
Ability to perform well under pressure in a fast-paced environment
-
Strong analytical thinking and problem-solving abilities
-
Self-driven with the ability to manage multiple projects simultaneously
Preferred Qualifications:
-
4 years of experience in triage and incident response within enterprise environments
-
4 years analyzing logs and packet data for forensic investigations
-
Experience mentoring or leading a technical team
-
Advanced security certifications (e.g., CEH, GCIH, GCFA, GCFE, GCTI, GCIA, GREM, GPEN, GFNA, OSCP, CISSP, CISM)
-
Familiarity with MITRE ATT&CK, web-based attacks, NIST or SANS Incident Handling procedures
-
Strong knowledge of Windows and Linux OS, as well as core networking concepts
Shift Schedule:
-
1:00 PM – 9:00 PM or 12:00 PM – 8:00 PM (Phoenix Time)
Benefits:
-
Health Insurance (80% employer-paid)
-
Dental Insurance (80% employer-paid)
-
Vision Insurance (80% employer-paid)
-
Paid Sick Leave, Vacation, and Holidays
Determining compensation for this role (and others) at Vaco/Highspring depends upon a wide array of factors including but not limited to the individual’s skill sets, experience and training, licensure and certifications, office location and other geographic considerations, as well as other business and organizational needs. With that said, as required by local law in geographies that require salary range disclosure, Vaco/Highspring notes the salary range for the role is noted in this job posting. The individual may also be eligible for discretionary bonuses, and can participate in medical, dental, and vision benefits as well as the company’s 401(k) retirement plan.
Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
EEO Notice
Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco by Highspring and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco by Highspring and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com .
Vaco by Highspring also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco by Highspring the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco by Highspring about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco by Highspring agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Privacy Notice
Vaco by Highspring and its parents, affiliates, and subsidiaries (“we,” “our,” or “Vaco by Highspring”) respects your privacy and are committed to providing transparent notice of our policies.
- California residents may access Vaco by Highspring HR Notice at Collection for California Applicants and Employees here.
- Virginia residents may access our state specific policies here.
- Residents of all other states may access our policies here.
- Canadian residents may access our policies in English here and in French here.
- Residents of countries governed by GDPR may access our policies here.
Pay Transparency Notice
Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to:
- the individual’s skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
With that said, as required by local law, Vaco by Highspring believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.