Cyber Defense Center Team Lead

Location :

4910 Tiedeman Road - Brooklyn, Ohio 44144

Full Time|2nd Shift (1 PM EST - 10 PM EST, Monday-Friday)

Our Cyber Threat Response team (aka the SOC) rolls up into Key's broader Cyber Defense function within Corporate Information Security. Cyber Defense's mission is simple : We aim to Deter, Detect, Deny, and Disrupt adversaries through proactive threat-centric defense.

Are you a seasoned cybersecurity professional with a passion for leading from the front lines of cyber defense? We're seeking a dynamic and technically proficient Security Operations Center (SOC) Team Lead to oversee second-shift operations within our Cyber Threat Response team. In this crucial role, you'll lead daily SOC activities, ensuring swift and effective triage of security events and incidents. You'll serve as a technical escalation point, mentor and develop analysts, and foster a high-performance culture rooted in accountability, continuous improvement, and operational excellence. This is an opportunity for a self-driven leader to make a tangible impact in a fast-paced, mission-critical environment.

Key Responsibilities

• Lead and support SOC analysts during the second shift, ensuring effective monitoring, triage, containment, and response to security incidents.
• Coordinate incident response activities and ensure prompt documentation and resolution.
• Maintain and improve shift-specific SOC processes, playbooks, and standard operating procedures.
• Produce comprehensive incident reports with root cause analysis, timelines, and recommended corrective actions.
• Continuously improve SOC performance by tracking and reporting on key metrics such as mean time to detect (MTTD), mean time to respond (MTTR), and false positive rates. Use data to drive process optimization and analyst efficiency.
• Participate in tabletop and purple team exercises.
• Conduct proactive threat hunting and analysis to identify emerging threats and vulnerabilities.
• Providing detailed shift handover reports, collaborating with other shift leads to ensure operational continuity.
• Serve as an escalation point, mentor and develop SOC analysts, raising the technical bar through case reviews, scenario-based training, and real-time guidance during critical events.
• Stay current with evolving threat landscapes and recommend improvements to tools, processes, and detection strategies. Understand threats across infrastructure, application, and cloud layers.
• Support Incident Response and Detection Engineering development activities.
• Ability to provide after-hours support as part of a monthly scheduled on-call rotation.
• Contribute to post-incident reviews and lessons learned, helping improve detection logic, containment actions, playbooks, and response strategy over time.

Required Qualifications

Preferred Certifications

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $94,000.00 - $175,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Job Posting Expiration Date : 12 / 02 / 2025

KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.