About the role
Location: Remote (US-based)
About Dispel:
Dispel is the fastest-growing cybersecurity company recognized in the 2025 Cybersecurity Excellence Awards. We deliver zero trust secure remote access and real-time data streaming for operational technology (OT) and industrial control systems (ICS). Our patented Moving Target Defense technology — referenced in NIST 800-172 — protects critical infrastructure for utilities serving 54 million+ people, manufacturers producing over 50% of US baby formula, and major defense contracts including a $950M IDIQ with the US Air Force.
Why This Role Exists:
Dispel is pursuing FedRAMP High authorization while simultaneously operating a commercial security program. We have a functioning SOC built on Google SecOps (Chronicle) and SentinelOne, but we need a senior IC who can take it from "stood up" to "operationally mature." You'll own the log ingestion pipeline end-to-end and drive material expansion of coverage across federal and commercial environments, including AWS, Azure, and Entra ID.
This person will be the day-to-day technical owner of SOC operations, responsible for closing coverage gaps, building detections, maturing incident response, and providing senior technical direction to the existing SOC analyst. This is a hands-on-keyboard role with leadership expectations — you will not formally manage people, but you will set priorities, review deliverables, and drive execution across the SOC function.
Requirements
Key Responsibilities:
SIEM/SOAR Operations (Google SecOps)
- Own the log ingestion pipeline end-to-end: identify gaps, build feeds, validate parsing, maintain coverage dashboards
- Close the federal logging gap and stand up commercial logging across AWS, Azure, Entra ID, and SaaS
- Activate and configure SecOps SOAR capabilities including Domain-Wide Delegation, marketplace integrations, and bidirectional response actions
- Build and maintain SOAR playbooks for major incident types such as phishing, malware, account compromise, lateral movement, and cloud-specific threats