SOC Supervisor

CTS delivers comprehensive IT solutions to meet the unique demands of mission-driven organizations. We have deep expertise in supporting nonprofits and educational institutions, however our team is equipped to handle the complexities of IT across a variety of sectors. We’re committed to making technology work seamlessly, so our clients can focus on making a difference, regardless of their industry.

At CTS, we believe in building a company culture that fosters growth, collaboration, and innovation. By joining our team, you will not only help empower businesses with cutting-edge IT solutions but also build a rewarding career in a dynamic and supportive environment. Discover the many reasons why CTS is a great place to advance your career. We are headquartered in Brooklyn, NY with 90+ employees across the US and several other countries.  Learn more about us at https://www.charterts.com

JOB SUMMARY

We are seeking an experienced SOC Supervisor to lead the day-to-day operations of our Security Operations Center. This role is responsible for managing SOC personnel, overseeing alert and incident response workflows, ensuring service levels and quality standards are met, and driving continuous operational improvement. 

The SOC Supervisor serves as both a tactical leader and a strategic manager. On the tactical side, this person oversees queue health, coordinates major incident response, removes blockers for engineers, and acts as the highest point of operational escalation. On the strategic side, the role focuses on people leadership, process governance, KPI reporting, quality assurance, and SOC maturity initiatives. 

This is a leadership role for someone who can balance operational oversight, incident command, coaching and development, and continuous process improvement in a fast-paced managed services environment.

ROLE & RESPONSIBILITIES

Operational Oversight & Incident Handling 

• Oversee daily SOC operations and monitor the health of the alert and ticket queue
• Balance workloads across SOC team members to ensure efficient operations
• Act as Incident Commander during critical or high-impact security incidents
• Lead communications with customers, internal IT teams, and executive stakeholders during major incidents
• Ensure the team consistently meets SLAs for triage, response, escalation, and resolution
• Remove technical, operational, or cross-functional blockers impacting investigations
• Serve as the highest point of operational escalation for the team or shift
• Review handoff logs and ensure continuity across shifts 

Team Leadership & People Management 

• Lead, coach, and develop SOC staff across multiple experience levels
• Conduct regular 1-on-1 meetings focused on performance, growth, and career development
• Manage shift schedules, coverage plans, on-call rotations, and time-off requests
• Build training plans and support skill development for junior and mid-level analysts
• Address performance, behavioral, and engagement issues promptly and professionally
• Foster a collaborative, accountable, and blameless team culture
• Support internal talent progression and promotion readiness 

Quality Assurance 

• Conduct regular QA reviews of closed, escalated, and high-impact tickets
• Ensure SOC documentation is accurate, complete, professional, and audit-ready
• Identify recurring quality issues or knowledge gaps across the team
• Provide clear, actionable feedback to improve analysis quality and communication
• Address stakeholder feedback related to investigation quality or customer communication 

Process Governance & Playbooks 

• Enforce the use of approved playbooks, SOPs, and standardized workflows
• Ensure team members contribute to the creation and maintenance of playbooks
• Review and approve updates to core SOC processes and response procedures
• Maintain operational compliance with internal standards and relevant regulatory requirements
• Drive consistency in incident handling and reduce reliance on tribal knowledge 

Operational Improvement 

• Analyze SOC metrics such as time to triage, time to contain, response efficiency, and queue aging
• Identify process bottlenecks and implement workflow improvements
• Advocate for tooling enhancements, automation opportunities, and detection tuning
• Partner with Detection Engineering, Threat Intelligence, IT, and other teams to close operational gaps
• Reduce analyst fatigue and false positives through process and technology improvements
• Help mature the SOC from a reactive function into a proactive security operation 

Reporting, Communication & Ownership 

• Generate and present KPI and performance reporting to leadership on a regular basis
• Provide accurate, transparent updates on SOC operations, risks, and team performance
• Represent the SOC in cross-functional meetings and stakeholder discussions
• Proactively identify risks to service delivery, including staffing shortages, tooling issues, and process gaps
• Take accountability for team outcomes and lead root cause analysis and corrective actions when issues arise 

REQUIRED SKILLS

• Strong leadership and people management skills in a SOC, NOC, or security operations environment
• Experience leading major incident response and serving in an incident command role
• Deep understanding of SOC workflows, escalation paths, case management, and alert triage operations
• Ability to manage queue health, prioritize competing operational demands, and maintain SLA performance
• Strong communication skills with the ability to engage technical teams, customers, and executive stakeholders
• Experience with QA reviews, documentation standards, and audit-ready case handling
• Ability to use metrics and reporting to drive operational decisions and continuous improvement
• Knowledge of playbook development, SOP governance, and process standardization
• Familiarity with detection tuning, SOAR/automation opportunities, and operational tooling improvements
• Strong coaching, mentoring, and performance management capabilities
• Ability to stay calm and decisive in high-pressure situations
• Strong organizational skills and ability to balance tactical response with strategic initiatives 

QUALIFICATIONS

• 5+ years of experience in Security Operations, Incident Response, or Cybersecurity Operations
• 2+ years of experience in a leadership, supervisory, or team lead role within a SOC or similar environment
• Experience managing analysts or engineers across multiple levels of seniority
• Proven experience overseeing security incidents, escalations, and operational workflows in a 24x7 or shift-based environment
• Experience working with SOC tooling such as SIEM, SOAR, EDR/XDR, ticketing systems, and case management platforms
• Strong understanding of incident response processes, threat detection, escalation management, and security operations best practices
• Experience with KPI development, SLA tracking, and operational performance reporting
• Familiarity with audit, compliance, and documentation requirements relevant to security operations
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred
• Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, or equivalent are preferred 

WORK SCHEDULE & LOCATION

• This is a full-time remote role, 8am – 5pm EST, Monday – Friday. Occasional travel for CTS Cybersecurity and team building events is expected (3-4 times a year).

COMPENSATION

The salary range for this role is $110,000 - $115,000.

BENEFITS

• Competitive compensation
• Health Insurance (medical, vision, dental), 80% covered for employee-only plans and 75% covered for employee-spouse, employee-kids, and employee-family plans
• Flexible Spending Account (FSA)
• Health Savings Account (HSA)
• Employee Assistance Program (EAP)
• Retirement Plan (401(k)) with company match
• Commuter Benefits
• Short-Term Disability Insurance fully paid by the company
• Long-Term Disability Insurance fully paid by the company
• Life and AD&D Insurance, with optional Supplemental Life Insurance
• Paid Time Off, including Paid Parental Leave
• 10 Holidays
• 2 Floating Holidays

CTS participates in the E-Verify Program. As part of this program, the company provides the federal government with your Form I-9 information to confirm your employment eligibility in the United States.
Learn more at www.e-verify.gov (information available in English and Spanish).

THE INTERVIEW PROCESS

Depending on the role, some steps may be adjusted or added - we’ll let you know upfront!

1. Screening call with a member of our HR team (30 minutes)
2. Technical interview with the Hiring Manager (45 minutes)
3. Panel interview with the Hiring Manager and Department Director (60 minutes)
4. (If applicable) Executive interview

CTS is proud to be an equal opportunity employer that celebrates diversity and is committed to creating an inclusive workplace with equal opportunity for all applicants and employees. Our goal is to recruit the most talented people from a diverse candidate pool regardless of race, color, ancestry, national origin, religion, disability, sex (including pregnancy), age, gender, gender identity, sexual orientation, marital status, veteran status, or any other characteristic protected by law.

CTS is committed to working with and providing access and reasonable accommodation to applicants. If you require an accommodation, please reach out to jobs@charterts.com once you've begun the interview process. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.