Role Overview
The SOC Manager / Incident Response Lead evaluates detection workflows, response processes, playbooks, and operational readiness. This role focuses on assessing incident timelines, triage quality, escalation logic, and consistency across SOC operations.
What You’ll Do
- Review detection alerts, triage workflows, and escalation pathways
- Evaluate completeness and quality of incident response actions
- Identify gaps in logging, detection coverage, and containment logic
- Summarize incident patterns and operational bottlenecks
- Validate playbooks for clarity, accuracy, and practical feasibility
- Support recurring assessments of SOC maturity and response operations
What You Bring
Must-Have:
- Experience in SOC operations, IR leadership, or cybersecurity operations
- Strong understanding of detection engineering, response workflows, and incident timelines
- Clear analytical writing and structured documentation ability
Nice-to-Have:
- Familiarity with SIEM platforms, EDR tools, and cloud-native detection systems
$40 - $80 an hour