About RADICL
As the leading provider of Cybersecurity-as-a-Service (CSaaS), RADICL is revolutionizing advanced cyberthreat protection for small and medium-sized businesses (SMBs) in the U.S. Defense Industrial Base (DIB) and other regulated industries. No longer should SMBs be satisfied with lackluster solutions delivering lackluster protection. RADICL is ushering in a new era of turn-key and affordable cyberthreat protection via its AI-powered virtual SOC platform that allows human and digital agents to quickly and seamlessly become SMBs’ day-to-day compliance and security operations team.
RADICL’s turn-key CSaaS offering uniquely combines compliance management with AI and expert-driven 24/7 security operations. We guide customers to regulatory and best practice adherence with standards like CMMC and NIST CSF while also delivering 24/7 threat monitoring, deep-spectrum™ threat hunting, incident response, vulnerability management, and security awareness training.
With RADICL, customers can stay mission focused, confident their front, rear, and flank are protected, affordably and without compromise.
If you’re excited about working with industry experts to help SMBs focus on growing their businesses without the constant worry of security and compliance risks, we invite you to join us in our mission to protect American businesses and drive innovation in cybersecurity.
About the role
The SOC Manager is responsible for leading the day-to-day operations of the RADICL vSOC. This role directly manages a team of security analysts across all tiers, ensuring 24×7 coverage through disciplined shift scheduling, rigorous escalation management, and continuous process improvement. The SOC Manager serves as the critical bridge between front-line analyst operations and the broader security programs — including incident response, threat intelligence, threat hunting, and detection engineering — ensuring seamless integration of analyst triage and investigation workflows into each discipline.
If the above excites you, RADICL Defense is seeking high performing, motivated individuals to join our mission. As an early member, you will work closely alongside an experienced founding team and realize the life-changing experience of building a company. You will work with the latest technologies in software, cybersecurity, and cloud and will have a significant impact on the formation of our platform and offering.
About You
You enjoy fast-paced environments, bring a positive attitude, and excel at getting things done. You enjoy being part of a high performing team and are also able to self-direct and self-start. You consider yourself to be top tier talent and are eager to help others raise their game. You enjoy working with customers, are an excellent communicator, and able to engage and interact with people of various backgrounds and skill levels. You want your work to have meaning, to be important. You want to be part of creating something great.
As a RADICL SOC Manager, you will:
• Directly manage a team of Tier 1, Tier 2, and Tier 3 security analysts, providing day-to-day leadership, coaching, mentorship, and performance management.
• Conduct regular 1:1s, team meetings, and performance reviews; set clear goals and development plans aligned with individual and organizational objectives.
• Foster a high-performance, collaborative SOC culture with a focus on analyst growth, retention, and well-being across a 24×7 operational environment.
• Manage shift handoffs, holiday coverage, and surge staffing plans to address operational gaps without analyst burnout.
• Participate in hiring, onboarding, and skills development initiatives for the analyst team.
• Own and continuously refine the SOC escalation framework, ensuring clearly defined escalation paths, SLAs, and communication protocols.
• Serve as an escalation point for complex, high-severity, or ambiguous security events, providing real-time guidance and decision-making support to analysts.
• Coordinate escalations to client security teams, executive stakeholders, and third-party responders as required, maintaining clear and timely communication throughout.
• Conduct post-escalation reviews to identify process gaps and drive continuous improvement.
• Ensure analyst triage and investigation workflows are tightly integrated with the MDR incident response lifecycle, from initial detection through containment, eradication, and recovery.
• Collaborate with the Incident Response team to define and document IR playbooks, ensuring analysts are trained and prepared to execute them effectively.
• Oversee analyst participation in incident response activities, coordinating handoffs and maintaining situational awareness during active incidents.
• Conduct or facilitate post-incident reviews (PIRs) with the analyst team to extract lessons learned and drive process improvements.
• Partner with the RAID team to operationalize intelligence within the SOC, ensuring analysts are consuming and applying relevant TI in their daily triage and investigation activities.
• Facilitate regular TI briefings and knowledge-sharing sessions to keep the analyst team current on adversary TTPs, active threat campaigns, and client-relevant intelligence.
• Provide operational feedback to the RAID team on intelligence relevance, gaps, and analyst consumption patterns to continuously refine RAID outputs.
• Coordinate analyst involvement in threat hunting initiatives, including providing operational context and making analyst expertise available for collaborative hunts.
• Ensure hunt outcomes are fed back into SOC runbooks
• Serve as the primary operational voice into the Detection Engineering program, surfacing analyst feedback on alert fidelity, false positive rates, detection coverage gaps, and tuning opportunities.
• Coordinate structured feedback loops between analysts and detection engineers to drive continuous improvement in detection rule quality and alert triage efficiency.
• Participate in detection review processes, contributing operational context to prioritization decisions for new detections and tuning initiatives.
• Define, track, and report on key SOC operational metrics
• Deliver regular operational reports and briefings to leadership, highlighting trends, risks, and opportunities.
• Identify and drive continuous improvement initiatives across SOC processes, tooling, automation, and analyst workflows.
• Maintain and continuously improve SOC runbooks, playbooks, and standard operating procedures (SOPs).
Your skillset/experience should include:
• 5+ years of experience in security operations, MDR, or a managed security services environment, with at least 2 years in a team lead or management role.
• Demonstrated experience managing a 24×7 SOC or security analyst team, including shift scheduling and on-call management.
• Deep understanding of the SOC analyst workflow — from alert triage and investigation through escalation and incident response handoff.
• Working knowledge of threat intelligence frameworks (e.g., MITRE ATT&CK, Diamond Model, Kill Chain) and how TI is operationalized in a SOC.
• Familiarity with threat hunting methodologies and detection engineering practices (e.g., Sigma rules, SIEM query development).
• Strong incident response background, including experience executing or overseeing IR playbooks and post-incident reviews.
• Experience with SIEM platforms (e.g., Splunk, Microsoft Sentinel, Chronicle, Elastic), EDR tools, and SOAR platforms.
• Proven ability to manage escalations under pressure, with clear, professional communication to technical and executive stakeholders.
• Strong people management and coaching skills with a track record of developing analyst talent.
• Excellent written and verbal communication skills.
• Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).
• Industry certifications such as CISSP, CISM, GSOM, GCIA, GCIH, or equivalent.
• Experience in a commercial MDR or MSSP environment with multi-tenant client responsibilities.
• Experience implementing or improving SOC automation and AI or SOAR-driven playbooks.
• Familiarity with frameworks such as CMMC, NIST CSF, SOC 2, or ISO 27001 in the context of managed security service delivery.
About the Workplace
At RADICL, we prioritize our culture and believe the strongest teams are built through daily, side-by-side collaboration and experiential sharing. We also value individual freedom and flexibility. For this reason, we have a hybrid work model. As a team, we are in office M/W/Th with work-from-home on Tuesdays and Fridays. For remote positions, periodic travel to Boulder will be expected to participate in company events and meaningful side-by-side collaboration opportunities.
RADICL offices are in downtown Boulder, Colorado with easy-to-access employee parking provided by the company. We offer comprehensive, competitive benefits including health, dental, and vision as well as 401K and a responsible PTO plan.
We encourage motivated, talented, mission-oriented, and fun people to apply. Let’s do this!
The salary range for this role is:
170,000 - 180,000 USD per year (Boulder, CO)
Security Operations
Boulder, CO