SOC Supervisor
CTS delivers comprehensive IT solutions to meet the unique demands of mission-driven organizations. We have deep expertise in supporting nonprofits and educational institutions; however, our team is equipped to handle the complexities of IT across a variety of sectors. We're committed to making technology work seamlessly, so our clients can focus on making a difference, regardless of their industry.

At CTS, we believe in building a company culture that fosters growth, collaboration, and innovation. By joining our team, you will not only help empower businesses with cutting-edge IT solutions but also build a rewarding career in a dynamic and supportive environment. Discover the many reasons why CTS is a great place to advance your career.

We are headquartered in Brooklyn, NY with 90+ employees across the US and several other countries. Learn more about us at https://www.charterts.com

JOB SUMMARY

We are seeking an experienced SOC Supervisor to lead the day-to-day operations of our Security Operations Center. This role is responsible for managing SOC personnel, overseeing alert and incident response workflows, ensuring service levels and quality standards are met, and driving continuous operational improvement.

The SOC Supervisor serves as both a tactical leader and a strategic manager. On the tactical side, this person oversees queue health, coordinates major incident response, removes blockers for engineers, and acts as the highest point of operational escalation. On the strategic side, the role focuses on people leadership, process governance, KPI reporting, quality assurance, and SOC maturity initiatives.

This is a leadership role for someone who can balance operational oversight, incident command, coaching and development, and continuous process improvement in a fast-paced managed services environment.

ROLE & RESPONSIBILITIES

Operational Oversight & Incident Handling
- Oversee daily SOC operations and monitor the health of the alert and ticket queue
- Balance workloads across SOC team members to ensure efficient operations
- Act as Incident Commander during critical or high-impact security incidents
- Lead communications with customers, internal IT teams, and executive stakeholders during major incidents
- Ensure the team consistently meets SLAs for triage, response, escalation, and resolution
- Remove technical, operational, or cross-functional blockers impacting investigations
- Serve as the highest point of operational escalation for the team or shift
- Review handoff logs and ensure continuity across shifts

Team Leadership & People Management
- Lead, coach, and develop SOC staff across multiple experience levels
- Conduct regular 1-on-1 meetings focused on performance, growth, and career development
- Manage shift schedules, coverage plans, on-call rotations, and time-off requests
- Build training plans and support skill development for junior and mid-level analysts
- Address performance, behavioral, and engagement issues promptly and professionally
- Foster a collaborative, accountable, and blameless team culture
- Support internal talent progression and promotion readiness

Quality Assurance
- Conduct regular QA reviews of closed, escalated, and high-impact tickets
- Ensure SOC documentation is accurate, complete, professional, and audit-ready
- Identify recurring quality issues or knowledge gaps across the team
- Provide clear, actionable feedback to improve analysis quality and communication
- Address stakeholder feedback related to investigation quality or customer communication

Process Governance & Playbooks
- Enforce the use of approved playbooks, SOPs, and standardized workflows
- Ensure team members contribute to the creation and maintenance of playbooks
- Review and approve updates to core SOC processes and response procedures
- Maintain operational compliance with internal standards and relevant regulatory requirements
- Drive consistency in incident handling and reduce reliance on tribal knowledge

Operational Improvement
- Analyze SOC metrics such as time to triage, time to contain, response efficiency, and queue aging
- Identify process bottlenecks and implement workflow improvements
- Advocate for tooling enhancements, automation opportunities, and detection tuning
- Partner with Detection Engineering, Threat Intelligence, IT, and other teams to close operational gaps
- Reduce analyst fatigue and false positives through process and technology improvements
- Help mature the SOC from a reactive function into a proactive security operation

Reporting, Communication & Ownership
- Generate and present KPI and performance reporting to leadership on a regular basis
- Provide accurate, transparent updates on SOC operations, risks, and team performance
- Represent the SOC in cross-functional meetings and stakeholder discussions
- Proactively identify risks to service delivery, including staffing shortages, tooling issues, and process gaps
- Take accountability for team outcomes and lead root cause analysis and corrective a