Triage Shift Lead, Security Operations

Ready to make an impact? Arctic Wolf is looking for a Triage Shift Lead, Security Operations to join our pack, based in Germany

Arctic Wolf, fresh off its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. How fast are we growing? Well, Arctic Wolf was highly ranked in the Deloitte Fast Technology 500 for North America in both 2019 (#25) and 2020 (#104)! We have doubled headcount, customers, and revenue for five years running. 

About  the Role:  

The Triage Shift Lead, Security Operations is responsible for all day-to-day team operations of the SOC (Security Operations Center) Triage Security Engineers and Analysts. The team delivers 24x7x365 detection, response, and customer engagement for our portfolio of services. The Triage Shift Lead will own resolving tactical issues, customer escalations, ensure accuracy of shift handovers, and see to it that the shift is operating at the desired throughput and execution excellence. The Shift Lead will be responsible for the day-to-day operational SLO metrics attainment, prioritization of shift work, and acting as the escalation point for all Security Analysts and Engineers. This team member is a technical individual with a desire to lead a highly cohesive team and can act as a stand-in for all levels of triage. The successful candidate is extremely well organized and has excellent communication skills. This team member is the first point of escalation for all shift team members and possesses the ability to effectively drive the assigned team to meet shift goals. 

The Triage Shift Lead will be part of a shift rotation of days, nights, and weekends, and will manage the tactical elements of both outbound and inbound triage and handovers. This team member will have clean and crisp handovers to incoming shifts, and all customer escalations are handled proactively, promptly, and with the required level of urgency. This candidate will ensure that processes are adhered to and will help evolve the day-to-day aspects of the nuances of shift handovers.  

This role reports to the Director of Security Operations and will provide effective feedback and suggestions on ways to improve. The ability to influence all different shift team members is a skill that this candidate possesses.   

This role is a shift-based role that will average out to 40 hours / week comprised of various nights, weekends, and day shifts as part of a regular rotation.  

• Manage the day-to-day escalations, shift handovers, and execution of the shift teams for both inbound and outbound triage. 
• Strive to get the best out of each team member on shift by setting goals, measuring execution of the goals, providing feedback, and removing obstacles. 
• Act as the escalation point for all tactical aspects of the role including customer escalations and internal communications. 
• Facilitate with other Triage Shift Leads, strong alignment, and cohesion across teams.  
• Ensure all S2 service level SLO’s are monitored, execute resourcefully when staffing requirements demand. 

• Provides leadership during security events. Ensure that team members can perform their role effectively and follow the proper process to full success within the team delivering high value to customers. Additionally, it may be required to generate a report of major security incidents as assigned. 
• Develop, enhance, measure, and leverage metrics to make better informed decisions on how to improve the shift throughput, cohesion, and adherence to SLOs.  
• Understand volume-driven leading indicators and jump in when needed for any role that requires support while on shift. 

 Required Skills and Experience:  

• A degree in Cybersecurity or equivalent and/or experience working and managing within a Security Operations Center or Network Operations Center.   
• Desire to lead technically minded individual contributors. 
• Passion for Cybersecurity. Continually learning new attack vectors, new threats, and security framework expertise.  
• Knowledge of industry adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, PCI-DSS, etc.) 
• Proven ability to rapidly analyze complex technical security threats and incident information to be able to communicate business-impacting risk to non-technical audiences. 
• Ability to work independently, manage projects, and exercise judgement in reaching solutions. 
• Strong verbal and written communication required. Must be able to articulate written information to customers. 
• Team player – always looking out for peers, leaders, and other stakeholders within Arctic Wolf. 
• You will be required to attend training, seminars, conferences, and webinars relevant to job role to enhance current knowledge base and skill set to improve job performance and efficiency.  

Security Requirements:

• Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information.
• Background checks are required for this position

And you may have these additional skills and experience: 

• Experience with Elastic Stack, Kibana, and/or Zendesk a plus   
• Education such as Bachelor’s or Master’s Degree in the areas of IT/Computer Science or Cybersecurity as desirable  
• Other industry certifications such as CISSP, CASP, and other security operations relevant certifications are desirable. 

Employment Requirements: 

Each successful candidate will be required to pass a criminal background check and employment verification as a condition of employment. 

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.

Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment that ensures equal access and participation for people with disabilities. Please let us know if you require any accommodation by email: [email protected].