Home › Companies › Truezerotech › SOC Analyst- Shift Lead (R-00124)
SOC Analyst- Shift Lead (R-00124)
Truezerotech · Topeka, KS · On Site · Active · Lever
Job facts
| Field | Value |
|---|---|
| Company | Truezerotech |
| Title | SOC Analyst- Shift Lead (R-00124) |
| Normalized title | - |
| Department / team | Security Resilience / Security Analyst Team |
| Location | Topeka, KS, United States |
| Work model | On Site |
| Employment type | Full Time |
| Salary | - |
| Status | active |
| ATS provider | Lever |
| Posted / first seen | 2026-02-18 / 2026-05-29 |
| Changed / last seen | 2026-05-29 / 2026-06-06 |
Related slices
| Page | What it contains | Open |
|---|---|---|
| Company jobs | Active postings from Truezerotech. | Open |
| Company breakdowns | Role, location, ATS, and work model facets for this company. | Open |
| ATS provider jobs | Active postings observed through Lever. | Open |
| Provider filtered search | The same provider as a filtered job collection. | Open |
| City jobs | Active postings in Topeka. | Open |
| Department jobs | Active postings in Security Resilience. | Open |
| Work model jobs | Active On Site postings. | Open |
| Lifecycle events | Open, update, close, and reopen events for this posting. | Open |
| Original posting | Canonical source or apply URL captured from the ATS. | Open |
Linked records
| Company | Truezerotech |
| Source | fd7b3fad-f07f-4438-ad90-754976718dfe |
| ATS provider | Lever |
Description
True Zero Technologies, a veteran-owned small business, was founded on the principle that the purposeful enablement of people and technology in an organization directly ties to the quality of its outcomes. True Zero recognizes that those outcomes begin and end with our people, and that is what we have built a community of like-minded, driven, and passionate individuals and innovators who are aligned in a common goal of delivering top-tier services to our customers. Our culture and commitment have been recognized through numerous accolades, including being named one of the Best Places to Work in 2023 in two categories (“Prosperous and Thriving” ($5MM–$50MM in gross revenue) and “Mid-Atlantic Region” (DC, DE, MD, NC, VA, WV)), and again in 2025 as a Best Places to Work honoree. In addition, True Zero earned coveted spots on the Inc. 5000 list of fastest-growing companies in America in 2022, 2023, and 2025, a testament to our sustained growth driven by our people-first approach and unwavering dedication to excellence.
We’re actively searching for talented security and technology practitioners who are ready to experience the True Zero difference. As a True Zero team member, you'll enjoy:
- Competitive salary, paid twice per month
- Best in class medical coverage
- 100% of medical premiums covered by True Zero
- Company wide new business incentive programs
- Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
- 3 weeks of PTO starting + 11 Paid Holidays Annually
- 401k Program with 100% company match on the first 4%
- Monthly reimbursement of Cell Phone and Home Internet costs
- Paternity/Maternity Leave
- Investment in training and certifications to broaden and deepen your technical skills
Job Responsibilities
Supervise and mentor SOC Analysts
Assign and balance workload across analysts and shifts
Monitor queue health, SLA compliance, and alert backlog
Conduct regular performance check-ins
Address quality gaps and provide corrective guidance
Reinforce adherence to documented playbooks and procedures
Primary Focus: Ensure consistent and effective analyst performance.
Hands-On Monitoring & Investigation
Perform daily alert triage alongside SOC Analysts
Conduct investigations on moderate to high-severity alerts
Lead or directly support complex or multi-system investigations
Validate alert classifications and case documentation
Participate in shift coverage as needed
Primary Focus: Maintain technical engagement and operational credibility.
Serve as the first escalation point for analysts
Lead investigations for high-severity incidents
Coordinate response actions with internal stakeholders
Ensure timely and accurate communication during incidents
Drive investigations to clear, defensible conclusions
Primary Focus: Maintain operational control during critical events.
Investigation Quality & Case Governance
Review analyst investigations for accuracy and completeness
Approve or return cases prior to closure
Ensure proper evidence collection and timeline documentation
Enforce consistent tagging, classification, and case hygiene
Primary Focus: Protect the integrity of SOC output.
Process & Continuous Improvement
Maintain and update SOC playbooks and workflows
Identify inefficiencies in monitoring or case handling
Provide feedback on alert tuning and automation improvements
Capture and integrate lessons learned
Stakeholder Coordination
Respond to formal information requests within defined SLAs
Serve as liaison between SOC analysts and leadership
Support audits, reporting, and compliance requirements
Participate in shift handoffs and operational planning
Primary Focus: Maintain trust and communication across teams.
Workload Segmentation (Approximate)
30% – Direct Monitoring & Investigation Work
25% – Escalation & High-Severity Incident Leadership
20% – Team Management & Performance Oversight
15% – Investigation Quality Review & Case Governance
10% – Process Improvement & Documentation
Percentages may shift during major incidents or staffing changes.
Job Qualifications
Onsite is required
Prior experience as a SOC Analyst or Senior Analyst
Demonstrated ability to lead or coordinate investigations
Experience mentoring or supervising analysts
Strong knowledge of: SIEM platforms (Splunk or equivalent) EDR tools, Network, authentication, and endpoint telemetry
Strong documentation and communication skills
Ability to make sound decisions in time-sensitive situations
CompTIA Security+ or CySA+ (or equivalent)
Experience in incident response or threat hunting
Familiarity with NIST, CIS, CJIS, or similar frameworks
Experience with case management multiple platforms
Scripting/query experience (SPL, KQL, SQL, Python)
Experience in regulated or government environments
GCIH, GCIA, GCED or equivalent
Core Competencies include: Technical leadership, operational accountability, coaching and mentorship, analytical problem-solving, process discipline, clear written and verbal communication, ability to lead under pressure
Role Notes:
This is both a management and technical role.
The Team Lead is expected to maintain hands-on investigative capability.
Operational response takes priority during active incidents.
Decisions made in accordance with approved documentation are supported.
The Team Lead is accountable for team output, not just individual cases.
This role serves as the primary contact point with state wide cybersecurity collaboration.
Managing weekend coverage may be necessary.
Full job record
| Job ID | 68eb54ca6b67edbe97f464f2a8e825ca15d54f5e |
| Org ID | 7db049a1-c308-497e-8ef0-4ae8ac5e3083 |
| Source ID | fd7b3fad-f07f-4438-ad90-754976718dfe |
| Board ID | fd7b3fad-f07f-4438-ad90-754976718dfe |
| Provider | lever |
| Provider Job Key | 0af22d0c-7684-4893-bbf0-5ab415160021 |
| Title | SOC Analyst- Shift Lead (R-00124) |
| Normalized Title | — |
| Status | active |
| Active | yes |
| Location Text | Topeka, KS |
| Department | Security Resilience |
| Team | Security Analyst Team |
| Employment Type | Full-Time |
| Workplace Type | on_site |
| Remote Policy | — |
| Country | United States |
| Region | KS |
| City | Topeka |
| Salary Raw | — |
| Salary Min | — |
| Salary Max | — |
| Salary Currency | — |
| Salary Period | — |
| Source URL | https://jobs.lever.co/truezerotech/0af22d0c-7684-4893-bbf0-5ab415160021 |
| Apply URL | https://jobs.lever.co/truezerotech/0af22d0c-7684-4893-bbf0-5ab415160021/apply |
| First Seen At | 2026-05-29 07:10:49Z |
| Last Seen At | 2026-06-06 07:57:40Z |
| Last Checked At | 2026-06-06 07:57:40Z |
| Last Changed At | 2026-05-29 07:10:49Z |
| Inactive At | — |
| Source Posted At | 2026-02-18 14:41:09Z |
| Source Updated At | — |
| Raw Payload Uri | s3://job-postings-prod-raw-590183727216/raw/provider=lever/board=truezerotech/date=2026-06-06/2026-06-06T07-57-39-812Z-1045bbe10c37aeac86194b1520ffe5fb98c894a8df85083f72f1b39f5b247cf1.json |
Event Fields
{
"content_hash": "6cc8e37c7bbd89e8e114ff45d7ced97d35bb7cf3bfd6669c3dc14c082ed91b64",
"source_hash": "73e73de53fe8a41d38a59ce82235d3fba6f7551e0f473a31830ea64daa5532e7",
"last_changed_at": "2026-05-29T07:10:49.241Z",
"active_status": "active"
}Parsed Structured
{
"language": "en",
"location": {
"raw": "Topeka, KS",
"city": "Topeka",
"region": "KS",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"salary_max": null,
"salary_min": null,
"inferred_at": "2026-06-06T07:57:40.711Z",
"launch_scope": {
"reason": "english_us_canada",
"included": true,
"language": "en",
"location": {
"raw": "Topeka, KS",
"city": "Topeka",
"region": "KS",
"country": "United States",
"is_remote": false,
"confidence": 0.9
},
"countries": [
"United States"
]
},
"remote_policy": null,
"salary_period": null,
"workplace_type": "on_site",
"salary_currency": null
}Extensions
{}Native Structured
{
"lists": [
{
"text": "Job Responsibilities ",
"content": "\n<li>Supervise and mentor SOC Analysts</li>\n<li>Assign and balance workload across analysts and shifts</li>\n<li>Monitor queue health, SLA compliance, and alert backlog</li>\n<li>Conduct regular performance check-ins</li>\n<li>Address quality gaps and provide corrective guidance</li>\n<li>Reinforce adherence to documented playbooks and procedures</li>\n<li>Primary Focus: Ensure consistent and effective analyst performance.</li>\n<li>Hands-On Monitoring & Investigation</li>\n<li>Perform daily alert triage alongside SOC Analysts</li>\n<li>Conduct investigations on moderate to high-severity alerts</li>\n<li>Lead or directly support complex or multi-system investigations</li>\n<li>Validate alert classifications and case documentation</li>\n<li>Participate in shift coverage as needed</li>\n<li>Primary Focus: Maintain technical engagement and operational credibility.</li>\n<li>Serve as the first escalation point for analysts</li>\n<li>Lead investigations for high-severity incidents</li>\n<li>Coordinate response actions with internal stakeholders</li>\n<li>Ensure timely and accurate communication during incidents</li>\n<li>Drive investigations to clear, defensible conclusions</li>\n<li>Primary Focus: Maintain operational control during critical events.</li>\n<li>Investigation Quality & Case Governance</li>\n<li>Review analyst investigations for accuracy and completeness</li>\n<li>Approve or return cases prior to closure</li>\n<li>Ensure proper evidence collection and timeline documentation</li>\n<li>Enforce consistent tagging, classification, and case hygiene</li>\n<li>Primary Focus: Protect the integrity of SOC output.</li>\n<li>Process & Continuous Improvement</li>\n<li>Maintain and update SOC playbooks and workflows</li>\n<li>Identify inefficiencies in monitoring or case handling</li>\n<li>Provide feedback on alert tuning and automation improvements</li>\n<li>Capture and integrate lessons learned</li>\n<li>Stakeholder Coordination</li>\n<li>Respond to formal information requests within defined SLAs</li>\n<li>Serve as liaison between SOC analysts and leadership</li>\n<li>Support audits, reporting, and compliance requirements</li>\n<li>Participate in shift handoffs and operational planning</li>\n<li>Primary Focus: Maintain trust and communication across teams.</li>\n<li>Workload Segmentation (Approximate)</li>\n<li>30% – Direct Monitoring & Investigation Work</li>\n<li>25% – Escalation & High-Severity Incident Leadership</li>\n<li>20% – Team Management & Performance Oversight</li>\n<li>15% – Investigation Quality Review & Case Governance</li>\n<li>10% – Process Improvement & Documentation</li>\n<li>Percentages may shift during major incidents or staffing changes.</li>\n"
},
{
"text": "Job Qualifications ",
"content": "\n<li>Onsite is required</li>\n<li>Prior experience as a SOC Analyst or Senior Analyst</li>\n<li>Demonstrated ability to lead or coordinate investigations</li>\n<li>Experience mentoring or supervising analysts</li>\n<li>Strong knowledge of: SIEM platforms (Splunk or equivalent) EDR tools, Network, authentication, and endpoint telemetry</li>\n<li>Strong documentation and communication skills</li>\n<li>Ability to make sound decisions in time-sensitive situations</li>\n<li>CompTIA Security+ or CySA+ (or equivalent)</li>\n<li>Experience in incident response or threat hunting</li>\n<li>Familiarity with NIST, CIS, CJIS, or similar frameworks</li>\n<li>Experience with case management multiple platforms</li>\n<li>Scripting/query experience (SPL, KQL, SQL, Python)</li>\n<li>Experience in regulated or government environments</li>\n<li>GCIH, GCIA, GCED or equivalent</li>\n<li>Core Competencies include: Technical leadership, operational accountability, coaching and mentorship, analytical problem-solving, process discipline, clear written and verbal communication, ability to lead under pressure</li>\n<li><strong>Role Notes:</strong></li>\n<li>This is both a management and technical role.</li>\n<li>The Team Lead is expected to maintain hands-on investigative capability.</li>\n<li>Operational response takes priority during active incidents.</li>\n<li>Decisions made in accordance with approved documentation are supported.</li>\n<li>The Team Lead is accountable for team output, not just individual cases.</li>\n<li>This role serves as the primary contact point with state wide cybersecurity collaboration.</li>\n<li>Managing weekend coverage may be necessary.</li>\n"
}
],
"country": "US",
"createdAt": 1771425669862,
"updatedAt": null,
"categories": {
"team": "Security Analyst Team",
"location": "Topeka, KS",
"commitment": "Full-Time",
"department": "Security Resilience",
"allLocations": [
"Topeka, KS",
"Kansas, USA"
]
},
"salaryRange": null,
"workplaceType": "onsite"
}Get this page with API
Rendered from the bluedoor Job Postings API. Reproduce it:
GET https://api.bluedoor.sh/job-postings/v1/jobs/68eb54ca6b67edbe97f464f2a8e825ca15d54f5e?include=descriptionJSONGET https://api.bluedoor.sh/job-postings/v1/orgs/7db049a1-c308-497e-8ef0-4ae8ac5e3083JSONGET https://api.bluedoor.sh/job-postings/v1/sources/fd7b3fad-f07f-4438-ad90-754976718dfeJSONGET https://api.bluedoor.sh/job-postings/v1/jobs/68eb54ca6b67edbe97f464f2a8e825ca15d54f5e/eventsJSON