CTS delivers comprehensive IT solutions to meet the unique demands of mission-driven organizations. We have deep expertise in supporting nonprofits and educational institutions, however our team is equipped to handle the complexities of IT across a variety of sectors. We’re committed to making technology work seamlessly, so our clients can focus on making a difference, regardless of their industry.
At CTS, we believe in building a company culture that fosters growth, collaboration, and innovation. By joining our team, you will not only help empower businesses with cutting-edge IT solutions but also build a rewarding career in a dynamic and supportive environment. Discover the many reasons why CTS is a great place to advance your career. We are headquartered in Brooklyn, NY with 90+ employees across the US and several other countries. Learn more about us at https://www.charterts.com
JOB SUMMARY
We are seeking an experienced SOC Supervisor to lead the day-to-day operations of our Security Operations Center. This role is responsible for managing SOC personnel, overseeing alert and incident response workflows, ensuring service levels and quality standards are met, and driving continuous operational improvement.
The SOC Supervisor serves as both a tactical leader and a strategic manager. On the tactical side, this person oversees queue health, coordinates major incident response, removes blockers for engineers, and acts as the highest point of operational escalation. On the strategic side, the role focuses on people leadership, process governance, KPI reporting, quality assurance, and SOC maturity initiatives.
This is a leadership role for someone who can balance operational oversight, incident command, coaching and development, and continuous process improvement in a fast-paced managed services environment.
ROLE & RESPONSIBILITIES
Operational Oversight & Incident Handling
Oversee daily SOC operations and monitor the health of the alert and ticket queue
Balance workloads across SOC team members to ensure efficient operations
Act as Incident Commander during critical or high-impact security incidents
Lead communications with customers, internal IT teams, and executive stakeholders during major incidents
Ensure the team consistently meets SLAs for triage, response, escalation, and resolution
Remove technical, operational, or cross-functional blockers impacting investigations
Serve as the highest point of operational escalation for the team or shift
Review handoff logs and ensure continuity across shifts
Team Leadership & People Management
Lead, coach, and develop SOC staff across multiple experience levels
Conduct regular 1-on-1 meetings focused on performance, growth, and career development
Manage shift schedules, coverage plans, on-call rotations, and time-off requests
Build training plans and support skill development for junior and mid-level analysts
Address performance, behavioral, and engagement issues promptly and professionally
Foster a collaborative, accountable, and blameless team culture
Support internal talent progression and promotion readiness
Quality Assurance
Conduct regular QA reviews of closed, escalated, and high-impact tickets
Ensure SOC documentation is accurate, complete, professional, and audit-ready
Identify recurring quality issues or knowledge gaps across the team
Provide clear, actionable feedback to improve analysis quality and communication
Address stakeholder feedback related to investigation quality or customer communication
Process Governance & Playbooks
Enforce the use of approved playbooks, SOPs, and standardized workflows
Ensure team members contribute to the creation and maintenance of playbooks
Review and approve updates to core SOC processes and response procedures
Maintain operational compliance with internal standards and relevant regulatory requirements
Drive consistency in incident handling and reduce reliance on tribal knowledge
Operational Improvement
Analyze SOC metrics such as time to triage, time to contain, response efficiency, and queue aging
Identify process bottlenecks and implement workflow improvements
Advocate for tooling enhancements, automation opportunities, and detection tuning
Partner with Detection Engineering, Threat Intelligence, IT, and other teams to close operational gaps
Reduce analyst fatigue and false positives through process and technology improvements
Help mature the SOC from a reactive function into a proactive security operation
Reporting, Communication & Ownership
Generate and present KPI and performance reporting to leadership on a regular basis
Provide accurate, transparent updates on SOC operations, risks, and team performance
Represent the SOC in cross-functional meetings and stakeholder discussions
Proactively identify risks to service delivery, including staffing shortages, tooling issues, and process gaps
Take accountability for team outcomes and lead root cause analysis and corrective actions when issues arise
REQUIRED SKILLS
Strong leadership and people management skills in a SOC, NOC, or security operations environment
Experience leading major incident response and serving in an incident command role
Deep understanding of SOC workflows, escalation paths, case management, and alert triage operations
Ability to manage queue health, prioritize competing operational demands, and maintain SLA performance
Strong communication skills with the ability to engage technical teams, customers, and executive stakeholders
Experience with QA reviews, documentation standards, and audit-ready case handling
Ability to use metrics and reporting to drive operational decisions and continuous improvement
Knowledge of playbook development, SOP governance, and process standardization
Familiarity with detection tuning, SOAR/automation opportunities, and operational tooling improvements
Strong coaching, mentoring, and performance management capabilities
Ability to stay calm and decisive in high-pressure situations
Strong organizational skills and ability to balance tactical response with strategic initiatives
QUALIFICATIONS
5+ years of experience in Security Operations, Incident Response, or Cybersecurity Operations
2+ years of experience in a leadership, supervisory, or team lead role within a SOC or similar environment
Experience managing analysts or engineers across multiple levels of seniority
Proven experience overseeing security incidents, escalations, and operational workflows in a 24x7 or shift-based environment
Experience working with SOC tooling such as SIEM, SOAR, EDR/XDR, ticketing systems, and case management platforms
Strong understanding of incident response processes, threat detection, escalation management, and security operations best practices
Experience with KPI development, SLA tracking, and operational performance reporting
Familiarity with audit, compliance, and documentation requirements relevant to security operations
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field preferred
Industry certifications such as Security+, CySA+, GCIH, GCIA, CISSP, or equivalent are preferred
WORK SCHEDULE & LOCATION
This is a full-time remote role, 8am – 5pm EST, Monday – Friday. Occasional travel for CTS Cybersecurity and team building events is expected (3-4 times a year).
COMPENSATION
The salary range for this role is $110,000 - $115,000.
BENEFITS
Competitive compensation
Health Insurance (medical, vision, dental), 80% covered for employee-only plans and 75% covered for employee-spouse, employee-kids, and employee-family plans
Flexible Spending Account (FSA)
Health Savings Account (HSA)
Employee Assistance Program (EAP)
Retirement Plan (401(k)) with company match
Commuter Benefits
Short-Term Disability Insurance fully paid by the company
Long-Term Disability Insurance fully paid by the company
Life and AD&D Insurance, with optional Supplemental Life Insurance
Paid Time Off, including Paid Parental Leave
10 Holidays
2 Floating Holidays
CTS participates in the E-Verify Program. As part of this program, the company provides the federal government with your Form I-9 information to confirm your employment eligibility in the United States.
Learn more at www.e-verify.gov (information available in English and Spanish).
THE INTERVIEW PROCESS
We aim to move fast. You’ll receive scheduling emails from [email protected] through Greenhouse.
Depending on the role, some steps may be adjusted or added - we’ll let you know upfront!
1. Screening call with a member of our HR team (30 minutes)
2. Technical interview with the Hiring Manager (45 minutes)
3. Panel interview with the Hiring Manager and Department Director (60 minutes)
4. (If applicable) Executive interview
CTS is proud to be an equal opportunity employer that celebrates diversity and is committed to creating an inclusive workplace with equal opportunity for all applicants and employees. Our goal is to recruit the most talented people from a diverse candidate pool regardless of race, color, ancestry, national origin, religion, disability, sex (including pregnancy), age, gender, gender identity, sexual orientation, marital status, veteran status, or any other characteristic protected by law.
CTS is committed to working with and providing access and reasonable accommodation to applicants. If you require an accommodation, please reach out to [email protected] once you've begun the interview process. All requests for accommodations are treated discreetly and confidentially, as practical and permitted by law.