Job Description

Job Description

Lead Cybersecurity Analyst

Location: San Antonio, TX (100% Onsite)

Compensation: Up to $115,000 Base Salary

Schedule: Monday–Friday, 8:00am–4:00pm CST

Our client, an award-winning MSSP, is seeking a skilled and motivated Lead Cybersecurity Analyst to guide Tier 2 SOC operations and elevate their cyber defense capabilities. This is a high-impact role for a hands-on leader who excels in Microsoft Sentinel, KQL development, incident response, and mentoring SOC analysts.

Why This Role Matters

As the Lead Analyst, you will act as the primary escalation point for complex investigations, drive SOC readiness, and play a key role in shaping detection logic, alert fidelity, and overall security posture. You’ll have the opportunity to influence processes, train analysts, and lead during major cyber incidents.

Key Responsibilities

• Provide daily direction and SME-level support for Tier 2 SOC analysts
• Act as the primary escalation point for complex alerts and investigations
• Manage security ticket workflows and ensure SLA-aligned escalations
• Lead response efforts during high-severity cyber incidents
• Maintain continuous monitoring for threats impacting business operations
• Review investigations for quality, accuracy, and documentation completeness
• Build and maintain SOC runbooks, procedures, and response playbooks
• Train Tier 2 analysts in Microsoft Sentinel, KQL, and investigative techniques
• Improve detection logic, alert tuning, and use case fidelity
• Support data source onboarding, sensor placement, and log coverage enhancements
• Produce detailed and executive-level reports on SOC activity and trends
• Conduct threat trend analysis and recommend strategic improvements
• Manage scheduling for Tier 2, including PTO rotation

Required Experience

• 5+ years of cybersecurity operations experience
• Minimum 2 years in a Tier 2 or advanced SOC role
• 3+ years of Microsoft Sentinel experience
• Strong proficiency in KQL query development, dashboards, and training others on Sentinel
• Deep understanding of SOC operations, detection engineering, and incident response
• Experience with SIEM, SOAR, EDR, IDS/IPS, and cloud-native logging solutions
• Strong communication skills, capable of producing both technical and executive-level reports
• Ability to stay calm, focused, and decisive during major incidents
• Experience leading, mentoring, and developing SOC analysts

Preferred Certifications

• Microsoft SC-200 (required by end of Q4)
• Microsoft SC-100
• Microsoft SC-300
• CISA ICS 301
• CompTIA CySA+
• ISC2 CISSP
• OffSec OSCP

Additional Details

• 100% onsite role in San Antonio, TX
• Standard hours: 8:00am–4:00pm CST, Monday–Friday
• Join a high-performing, award-winning MSSP with a strong reputation for innovation and security excellence

If you’re passionate about elevating SOC operations, strengthening detection capabilities, and mentoring the next generation of cybersecurity analysts, this is an opportunity to make a lasting impact.

Interested? Get in touch and let’s discuss. tom@oliverparks.com

Job Tags

Similar Jobs