Job Summary:

The SOC Supervisor steers day-to-day Security Operations Center activities in alignment with corporate security objectives and leading-practice frameworks such as NIST CSF, MITRE ATT&CK and ITIL. Analysts and team leads are provided with the appropriate tools, well-defined processes and up-to-date documentation to detect, investigate and respond to cyber-threats around the clock, consistently meeting SLA/KPI targets and maintaining high customer-satisfaction scores.

Responsibilities:

The SOC Supervisor provides strategic and operational leadership to the Security Operations Center, directing a multidisciplinary team of analysts to deliver continuous threat monitoring, incident response and cyber-defense services. The role aligns SOC capabilities with organizational objectives and recognized frameworks (ITIL, NIST CSF, MITRE ATT&CK), safeguards system availability and performance, and ensures service-level and customer-satisfaction targets are consistently achieved. Responsibilities include cultivating a high-performance culture, standardizing and automating processes, optimizing tooling and runbooks, and serving as the principal liaison with clients and internal stakeholders to communicate risk posture, performance metrics and improvement initiatives.

- Oversee continuous tracking of security events and alerts using SIEM tools.
- Analyze and correlate security data to identify potential threats and vulnerabilities.
- Ensure timely and accurate detection of security incidents to maintain high system availability and a strong security posture.
- Lead the SOC team in responding to security incidents, ensuring effective containment, eradication and recovery.
- Act as Incident Manager for major incident outages, coordinating cross-functional responses.
- Work closely with and in support of the IT Operations Center, Service Desk, Engineering team and vendors to expedite issue resolution.
- Develop and implement incident response plans, playbooks and standard operating procedures (SOPs).
- Coordinate with external partners, law enforcement and other stakeholders during major security incidents.
- Analyze and report on metrics related to team performance and incident handling.
- Prepare comprehensive reports, metrics and presentations for senior management and stakeholders.
- Identify opportunities for automation and process improvement to enhance the SOC's operational efficiency.
- Support the overall management and process improvement of the SOC in accordance with company goals.
- Implement and manage automated workflows, scripts and tools to streamline security operations and incident response.
- Maintain detailed and accurate documentation of security incidents, response actions and lessons learned.
- Contribute to the development and enhancement of Standard Operating Procedure (SOP) documentation and security policies.
- Contribute to the hiring, mentoring, performance management and retention of staff.
- Follow up on team members' yearly goals.
- Conduct monthly, mid-year and annual reviews.
- Receive services for onboarded clients and ensure the team can deliver the support.
- Serve as backup for Security Operations Center analysts as needed.

Skills and Experience:

Experience:

- Minimum of 4+ years of working experience in a security operations center (SOC), network operations center or a related field.
- Minimum of 3+ years of working experience supervising or managing a team of 5 or more individuals (Nice to Have).
- Experience with the basic administration of Windows servers (v. 2019-2025), including a fundamental understanding of security infrastructure.
- Intermediate-level knowledge of administering and securing workloads in both Microsoft Azure and Amazon Web Services (AWS) environments is required.
- Experience in incident response, threat detection and security monitoring.

Education:

- A bachelor's degree in Computer Science, Industrial Engineering, Information Technology or a related field. Alternatively, a minimum of five years of equivalent working experience.
- At least one of the following certifications: GIAC Certified Incident Handler, Microsoft (AZ-500, SC-200 or SC-300), AWS (Security Specialty), EC-Council (Ethical Hacker, Network Defense) or a similar certification.
- Additional certifications are advantageous.

Technical Competencies:

- Knowledge of or training in best practices or IT frameworks such as ITIL. ITIL Certified (Nice to Have).
- Patch Management: Good understanding of patch management best practices.
- Security Monitoring Tools: Proficient in using and managing SIEM tools (e.g., MS Sentinel, Wazuh) and other security monitoring applications.
- Incident Response: Understanding of incident response processes and security incident management.
- Security Frameworks: Familiarity with security frameworks and standards (e.g., NIST CSF, ISO 27001, MITRE ATT&CK).
- Active Directory Services: Knowledge of Active Directory and its security implications.
- Cloud Computing: Familiarity with cloud computing concepts and basic security operations in cloud environments (e.g., AWS, Azure).
- Virtualization Technologies: Understanding of virtualization technologies (e.g., VMware).
- Email Security: Familiarity with MS Office 365 and email security applications.
- Virtualization and Server Administration: Basic knowledge of Windows Server (2012-2019) and Linux administration.
- Disaster Recovery: Basic knowledge of disaster recovery techniques and business continuity planning.
- Excellent written, verbal and interpersonal skills.
- Knowledge of threat intelligence lifecycle stages, including collection, analysis and dissemination. Experience integrating threat intelligence feeds into SIEMs and other security tools to improve detection and response.
- Familiarity with emerging threat actor tactics and the ability to map TTPs to frameworks such as MITRE ATT&CK to enhance defense strategies.
- Proficiency in using threat intelligence platforms (e.g., ThreatConnect, Recorded Future) and leveraging both commercial and open-source threat intelligence feeds to identify and mitigate current and emerging threats.

Personal Competencies:

- Effectively leads and motivates a team responsible for a 24/7 operation with high peaks of workload.
- Actively seeks ways to help clients and ensures a positive customer experience.
- Listens and communicates clearly to support organizational objectives.
- Uses logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Demonstrates honesty and adheres to strong moral principles in all professional interactions.
- Actively collaborates with team members to achieve a common goal or complete tasks effectively and efficiently.
- Demonstrates the ability to adapt to changed circumstances or environments, learning from experience to improve competitiveness.
- Possesses the capacity to understand and analyze situations when multiple issues or tasks arise simultaneously, working through them in the correct order based on impact and urgency.
- Exhibits the ability to provide clear, concise and constructive feedback for growth and development to direct and indirect reports on a regular basis.
- Demonstrates the ability to work independently and in a group to produce successful results.

Language Skills:

- Proficiency in English and Spanish (oral and written at 85% or higher), with a minimum of C1+ level proficiency in both languages being a requirement.