Jobs · Management · Colorado

SOC Manager

RADICL · Boulder, CO · 1 mo ago
On-siteManagementFull-time

About the role

The SOC Manager is responsible for leading the day-to-day operations of the RADICL vSOC. This role directly manages a team of security analysts across all tiers, ensuring 24×7 coverage through disciplined shift scheduling, rigorous escalation management, and continuous process improvement. The SOC Manager serves as the critical bridge between front-line analyst operations and the broader security programs — including incident response, threat intelligence, threat hunting, and detection engineering — ensuring seamless integration of analyst triage and investigation workflows into each discipline.

About You

  • You enjoy fast-paced environments, bring a positive attitude, and excel at getting things done.
  • You enjoy being part of a high performing team and are also able to self-direct and self-start.
  • You consider yourself to be top tier talent and are eager to help others raise their game.
  • You enjoy working with customers, are an excellent communicator, and able to engage and interact with people of various backgrounds and skill levels.
  • You want your work to have meaning, to be important. You want to be part of creating something great.

As a RADICL SOC Manager, you will:

  • Team Leadership & People Management
    • Directly manage a team of Tier 1, Tier 2, and Tier 3 security analysts, providing day-to-day leadership, coaching, mentorship, and performance management.
    • Conduct regular 1:1s, team meetings, and performance reviews; set clear goals and development plans aligned with individual and organizational objectives.
    • Foster a high-performance, collaborative SOC culture with a focus on analyst growth, retention, and well-being across a 24×7 operational environment.
    • Manage shift handoffs, holiday coverage, and surge staffing plans to address operational gaps without analyst burnout.
    • Participate in hiring, onboarding, and skills development initiatives for the analyst team.
  • Escalation Management
    • Own and continuously refine the SOC escalation framework, ensuring clearly defined escalation paths, SLAs, and communication protocols.
    • Serve as an escalation point for complex, high-severity, or ambiguous security events, providing real-time guidance and decision-making support to analysts.
    • Cook up escalations to client security teams, executive stakeholders, and third-party responders as required, maintaining clear and timely communication throughout.
    • Conduct post-escalation reviews to identify process gaps and drive continuous improvement.
  • Integration with Incident Response
    • Ensure analyst triage and investigation workflows are tightly integrated with the MDR incident response lifecycle, from initial detection through containment, eradication, and recovery.
    • Collaborate with the Incident Response team to define and document IR playbooks, ensuring analysts are trained and prepared to execute them effectively.
    • Oversee analyst participation in incident response activities, coordinating handoffs and maintaining situational awareness during active incidents.
    • Conduct or facilitate post-incident reviews (PIRs) with the analyst team to extract lessons learned and drive process improvements.
  • Integration with RADICL RAID Team (Adversary Intelligence and Detection Engineering)
    • Partner with the RAID team to operationalize intelligence within the SOC, ensuring analysts are consuming and applying relevant TI in their daily triage and investigation activities.
    • Facilitate regular TI briefings and knowledge-sharing sessions to keep the analyst team current on adversary TTPs, active threat campaigns, and client-relevant intelligence.
    • Provide operational feedback to the RAID team on intelligence relevance, gaps, and analyst consumption patterns to continuously refine RAID outputs.
    • Coordinate analyst involvement in threat hunting initiatives, including providing operational context and making analyst expertise available for collaborative hunts.
    • Ensure hunt outcomes are fed back into SOC runbooks
    • Serve as the primary operational voice into the Detection Engineering program, surfacing analyst feedback on alert fidelity, false positive rates, detection coverage gaps, and tuning opportunities.
    • Coordinate structured feedback loops between analysts and detection engineers to drive continuous improvement in detection rule quality and alert triage efficiency.
    • Participate in detection review processes, contributing operational context to prioritization decisions for new detections and tuning initiatives.

Your skillset/experience should include:

  • Required Qualifications
    • 5+ years of experience in security operations, MDR, or a managed security services environment, with at least 2 years in a team lead or management role.
    • Demonstrated experience managing a 24×7 SOC or security analyst team, including shift scheduling and on-call management.
    • Deep understanding of the SOC analyst workflow — from alert triage and investigation through escalation and incident response handoff.
    • Working knowledge of threat intelligence frameworks (e.g., MITRE ATT&CK, Diamond Model, Kill Chain) and how TI is operationalized in a SOC.
    • Familiarity with threat hunting methodologies and detection engineering practices (e.g., Sigma rules, SIEM query development).
    • Strong incident response background, including experience executing or overseeing IR playbooks and post-incident reviews.
    • Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Chronicle, Elastic), EDR tools, and SOAR platforms.
    • Proven ability to manage escalations under pressure, with clear, professional communication to technical and executive stakeholders.
    • Strong people management and coaching skills with a track record of developing analyst talent.
    • Excellent written and verbal communication skills.
  • Preferred Qualifications
    • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
    • Industry certifications such as CISSP, CISM, GSOM, GCIA, GCIH, or equivalent.
    • Experience in a commercial MDR or MSSP environment with multi-tenant client responsibilities.
    • Experience implementing or improving SOC automation and AI or SOAR-driven playbooks.
    • Familiarity with frameworks such as CMMC, NIST CSF, SOC 2, or ISO 27001 in the context of managed security service delivery.

About the Workplace

  • We prioritize our culture and believe the strongest teams are built through daily, side-by-side collaboration and experiential sharing.
  • We also value individual freedom and flexibility. For this reason, we have a hybrid work model. As a team, we are in office M/W/Th with work-from-home on Tuesdays and Fridays.
  • For remote positions, periodic travel to Boulder will be expected to participate in company events and meaningful side-by-side collaboration opportunities.
  • RADICL offices are in downtown Boulder, Colorado with easy-to-access employee parking provided by the company.
  • We offer comprehensive, competitive benefits including health, dental, and vision as well as 401K and a responsible PTO plan.

The pay range for this role is:

  • 170,000 - 180,000 USD per year (Boulder, CO)

Similar jobs

SOC Manager

Artemis SecurityNew York, NY· 2 wk ago
Management$160k–$200k/yrapply on jobs.ashbyhq.com

SOC Manager

Baylor Scott & White HealthUnited States· 2 wk ago
RemoteManagement$59.81/hrapply on jobs.bswhealth.com

SOC Manager

General Dynamics Information TechnologyBossier City, LA· 1 wk ago
Management$111k–$150k/yrapply on gdit.wd5.myworkdayjobs.com

SOC Manager

ARCO a Family of Construction CompaniesBrentwood, MO· 4 days ago
Management$28k/yrapply on arco.jibeapply.com

SOC Manager

AlignerrSeattle, WA· 1 wk ago
RemoteManagementapply on alignerr.com

SOC Manager

Theory VenturesNew York, NY· 1 wk ago
Management$160k–$200k/yrapply on jobs.theoryvc.com