Security Triage (ST) Team Lead

    Washington, DC 20001
    Similar jobs pay $12.50 - $21.74
    Refer friends, get paid!

    Job Description


    As the Security Triage Team Lead you will directly support the security operations staff by providing oversight, guidance, and mentorship to an 8-10 person team of security analysts. In this player/coach role, you will manage and mentor security triage team members who will apply technical and engineering skills in order to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.

    Responsibilities include but not limited to

    • Manage the relationship with the customer

    • Provide weekly and monthly reports on SOC investigations and activities

    • Determine staffing requirements: guiding recruitment, hiring, training, development, and retention of highly qualified team members

    • Foster innovation, creativity, collaboration, and professional growth of the SOC team

    • Maintain strong standards, and promote productivity, accountability and high morale

    • Oversee training and exercises to ensure SOC team proficiency

    • Influence and improve upon existing processes through innovation and operational change

    • Develop and support strategic plans and projects to meet SOC goals and objectives

    • Conduct "after action" reviews to identify lessons learned and best practices

    • Regularly review standard operating procedures and protocols to ensure Security Triage continues to effectively meet operational requirements

    • Evaluate existing technical capabilities and systems and identify opportunities for improvement

    • Ensure the Security Triage team is providing excellent customer service and support

    Remote work may be an option but will require written approval by the COR first



    Bachelor's degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, Information Systems, etc.

    • 5+ years of SOC experience as a Team Lead.

    • 5+ years of SIEM experience

    • Experience working in fast paced environments, and ability manage workload even during times of stress or escalated activity

    • Enthusiastic to be active in the training, coaching, and development of the security triage team

    • Experience with developing and maintaining metrics

    • Ability to communicate IT, networking, and security concepts to personnel at all levels of experience and responsibility

    • Track record of creative problem solving, and the desire to create and build new processes

    • Strong time management and multitasking skills as well as attention to detail

    • In-depth understanding of security architectures and devices

    • Strong understanding of root causes of malware infections and proactive mitigation

    • Strong understanding of lateral movement, footholds, and data exfiltration techniques

    • Comfortable with impromptu tasking and loosely defined requirements

    • Strong analytical and investigation skills

    • Excellent oral and written communications skills

    • Ability to think strategically in implementing overall task and responsibilities of the security triage

    • Ability to turn high-level goals into actionable steps and develop a roadmap to achieve the goals

    • Ability to mentor and coach less experienced security analysts. Providing techniques and strategies to dig deeper into investigations

    • Extensive Incident Response leadership experience

    • Experience developing and writing processes and procedures for Security Triage operations

    No clearance required to start work. You will be required to undergo SEC background check once employed.


    Experience working with U. S. Securities and Exchange Commission is desired but not required.

    Preferred Qualifications:

    • Master's degree in Information Security or related field

    • Experience with Splunk

    • Multiple relevant security certifications(such as: CISSP, GCIA, GCIH, GREM, CEH)

    • Experience with one or more scripting languages, e.g., Python, JavaScript, Perl.

    • Forensics experience

    • Experience as a government contractor


    SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability

    Posting ID: 554843805Posted: 2020-05-27