Description

This position supports a 2nd shift schedule, Monday - Friday, from 4:00 PM to 1:00 AM CT.


Why WWT?
At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits, and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution, and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test, and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution, and integration capabilities.

With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation, and creating a great place to work for all.

What is the Internal WWT IT Team, and why join?

The Internal WWT IT team is the backbone of our company's technological infrastructure, ensuring seamless operations and continuous innovation. Our team is dedicated to managing and supporting the company's technology infrastructure, ensuring the smooth operation of hardware, software, networks, and data systems, while providing top-notch technical support to employees.

By joining the Internal WWT IT team, you will play a crucial role in maintaining the efficiency and security of our IT environment, enabling the company to achieve its strategic goals. The Internal IT team offers the opportunity to work in a dynamic and collaborative environment, where your contributions will have a direct impact on the company's success. If you are passionate about technology and eager to take on new challenges, we encourage you to apply and join our team.
About the Role

Our Security Operations Center (SOC) is seeking a SOC Team Lead to own day-to-day SOC execution, strengthen how the team operates, and advance the maturity of our detection and response capabilities. This role manages a team of analysts directly and is responsible for ensuring the SOC runs with clarity, consistency, and measurable results across security monitoring, detection engineering, threat hunting, incident response governance, and cross-functional coordination.

This role is available on 2nd shift (Monday - Friday, 4:00 PM-1:00 AM CST) and owns coverage, escalation readiness, and investigation quality for its shift. It's ideal for a leader who can balance hands-on security operations with people management, process ownership, and analyst development; improving how the SOC runs day-to-day while keeping incidents handled, documented, and escalated in line with established procedures.

Key Responsibilities

Team Leadership & People Management

• Lead a team of SOC analysts as their direct manager, including coaching, performance management, and career development.
• Own shift coverage, scheduling, and escalation readiness so the SOC maintains consistent quality across the shift's hours.
• Develop analysts through mentorship and reinforcement of structured, evidence-based investigation practices.

SOC Operations Leadership (Execution, Quality & Continuous Improvement)

• Own day-to-day SOC execution: queue health, triage consistency, escalation discipline, and documentation quality.
• Set and reinforce expectations for how alerts, investigations, and incidents are handled across the team.
• Identify and resolve workflow inefficiencies that slow response or create friction for analysts.
• Turn recurring pain points into measurable process, automation, or documentation improvements.

Detection Engineering Direction & Threat-Informed Defense

• Set detection engineering priorities based on threat intelligence, control gaps, incident learnings, and monitoring weaknesses.
• Oversee tuning across SIEM, SOAR, EDR, NDR, and log analytics platforms to improve fidelity and reduce noise.
• Ensure new detections, use cases, behavioral analytics, and ATT&CK-aligned content are actionable and fit SOC workflows.
• Partner with platform owners and engineering teams to improve telemetry quality and close detection gaps.
• Feed hunt findings, incident patterns, and control observations back into the detection pipeline.

Incident Response Governance

• Ensure incidents are identified, tracked, escalated, and reported per established incident management procedures.
• Reinforce severity-based response expectations, communications requirements, and required response artifacts across the incident lifecycle.
• Ensure investigation timelines, decisions, evidence, and outcomes are documented clearly and defensibly.
• Coordinate with leadership and partner teams during higher-severity incidents and retrospectives.
• Operationalize audit log review, logging-failure escalation, and incident reporting obligations.

Cross-Functional Coordination

• Coordinate with GRC, IAM, Infrastructure, Cloud, AppSec, Vulnerability Management, and other partner teams during investigations, follow-up, and control improvement.
• Clarify ownership boundaries and keep handoffs timely and documented.
• Translate SOC findings into remediation guidance and actionable follow-up for partner teams.
• Support policy, audit, and leadership discussions with accurate operational context.

Qualifications

• 5+ years in SOC operations, detection engineering, threat hunting, incident response, or related operational security work, including 2+ years in a lead, senior, or team-coordination capacity.
• Demonstrated ability to balance security principles with business realities in a risk-managed environment.
• Hands-on experience across incident response, security operations, and security initiatives.
• Strong background in SOC operations, detection engineering, threat hunting, or cyber threat intelligence.
• Experience improving operational workflows, guiding analysts, and driving outcomes through process and technical maturity.
• Strong written and verbal communication, with an emphasis on repeatable, audit-ready documentation.
• Bachelor's degree in computer science, information security, or equivalent experience and certifications.
• Applicants must be authorized to work in the United States. We are unable to provide sponsorship for this position.

Preferred

• Experience owning or shaping SOPs, SLAs, runbooks, or incident governance processes.
• Experience operating in environments with formal audit and compliance requirements.
• Experience driving cross-team alignment through RACI models, scope boundaries, or operational ownership frameworks.

Success Looks Like

• Leading a team that investigates consistently, with less friction and higher-quality documentation.
• Strengthening detection fidelity and reducing noise through prioritized tuning and coverage improvements.
• Governing incidents so they are handled, documented, and escalated in a way that holds up to audit.
• Improving collaboration across SOC, engineering, and partner teams so remediation and ownership are clear.
• Enabling the SOC to operate with greater speed, consistency, and accountability as detection and response needs mature.

Certain states and localities require employers to post a reasonable estimate of the salary range. A reasonable estimate of the current base pay range for this position is $121,600 to $152,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that are not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:

• Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
• Financial Benefits : Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
• Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement

Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email [email protected] .

#LI-MP1