Job Summary
The Lead SOC Analyst is responsible for leading the daily operations of the Security Operations Center (SOC) while actively participating in threat detection, investigation, and response activities. This role operates in a player/coach capacity, balancing hands-on incident response with team leadership, process development, and SOC maturity initiatives.
The Lead SOC Analyst serves as the primary point of coordination between the internal SOC and external managed detection and response (MDR) provider, ensuring effective monitoring, escalation, and response to security events. This role is also responsible for developing and maintaining SOC processes, playbooks, and documentation to improve the organization’s overall security posture.
This role reports to the Manager of Cyber Defense.
Location: this role must work on-site, full-time, out of our Grand Rapids, MI office.
Principal Duties and Responsibilities
SOC Operations and Incident Response
- Act as the senior escalation point for security incidents, providing hands-on investigation and response.
- Perform advanced threat hunting, incident analysis, and root cause determination.
- Lead and coordinate incident response activities across IT, infrastructure, and application teams.
- Validate and enrich alerts generated by internal tools and the external MDR provider.
- Ensure timely containment, remediation, and closure of security incidents.
MDR Vendor Management
- Serve as the primary operational liaison with our MDR provider.
- Manage day-to-day interactions including alert triage alignment, escalation handling, and service quality.
- Review MDR detections, investigations, and recommendations for accuracy and relevance.
- Identify and drive improvements in detection coverage, alert fidelity, and response processes.
- Participate in regular service reviews and ensure deliverables meet organizational expectations.
SOC Leadership and Team Development
- Provide technical leadership and guidance to SOC analysts.
- Lead daily SOC operations including prioritization of alerts, workload management, and escalation decisions.
- Mentor and develop analysts through coaching, training, and knowledge sharing.
- Establish expectations for investigation quality, documentation, and response timelines.
- Support hiring, onboarding, and skill development of SOC team members.
SOC Maturity and Process Development
- Develop, document, and maintain SOC standard operating procedures (SOPs), playbooks, and runbooks.
- Identify gaps in SOC processes and implement improvements to increase consistency and effectiveness.
- Define and track SOC metrics and KPIs (e.g., MTTR, alert volume, false positives, escalation rates).
- Standardize incident documentation and evidence collection to support audit and compliance requirements.
- Drive continuous improvement initiatives aligned to industry best practices and organizational goals.
Detection Engineering and Monitoring
- Collaborate with engineering and security teams to improve detection logic and use cases.
- Develop and tune detection rules within SIEM, XDR, and MDR platforms.
- Identify gaps in logging and telemetry and work with teams to onboard required data sources.
- Ensure monitoring coverage for systems handling sensitive or critical data.
- Contribute to threat modeling and detection strategy development.
Communication and Stakeholder Engagement
- Communicate security incidents, risks, and trends to technical and non-technical stakeholders.
- Provide clear and concise reporting on incident outcomes and lessons learned.
- Partner with infrastructure, application, and business teams to improve security practices.
- Support audit, compliance, and risk management activities as needed.
Qualifications
- Bachelor’s degree in computer science, information security, or equivalent experience.
- 7+ years of experience in a SOC, incident response, or cybersecurity operations role.
- Proven experience leading incident investigations and managing escalations.
- Experience working with a managed detection and response (MDR) provider (preferred).
- Strong understanding of security operations tools (SIEM, XDR, EDR, SOAR platforms).
- Experience with detection tuning, threat hunting, and log analysis.
- Demonstrated ability to develop SOC processes, playbooks, and operational documentation.
- Strong leadership, mentoring, and team development skills.
- Excellent analytical, problem-solving, and decision-making capabilities.
- Strong written and verbal communication skills.
Preferred Qualifications
- Experience with Splunk, Microsoft Sentinel, Defender XDR, and/or similar platforms.
- Experience working in a hybrid SOC model (internal + MDR).
- Familiarity with compliance frameworks (e.g., NIST, CMMC).
- Relevant certifications such as CISSP, GCIA, GCIH, or equivalent.
The Company is an Equal Opportunity Employer.
Skills Required
- Bachelor's degree in computer science, information security, or equivalent experience
- 7+ years of experience in a SOC, incident response, or cybersecurity operations role
- Proven experience leading incident investigations and managing escalations
- Experience working with a managed detection and response (MDR) provider
- Strong understanding of security operations tools (SIEM, XDR, EDR, SOAR)
- Experience with detection tuning, threat hunting, and log analysis
- Ability to develop SOC processes, playbooks, and operational documentation
- Strong leadership, mentoring, and team development skills
- Excellent analytical, problem-solving, and decision-making capabilities
- Strong written and verbal communication skills
- Experience with Splunk, Microsoft Sentinel, Defender XDR
- Familiarity with compliance frameworks (e.g., NIST, CMMC)
- Relevant certifications such as CISSP, GCIA, GCIH or equivalent
- Experience working in a hybrid SOC model (internal + MDR)
UFP Industries Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about UFP Industries and has not been reviewed or approved by UFP Industries.
- Healthcare Strength — Health coverage includes medical, dental, and vision, an HSA with a company contribution, company-paid life and disability, an EAP, and a health concierge service. The package is framed as a premium set of benefits supporting employees and their families.
- Equity Value & Accessibility — Employees can buy company stock through an Employee Stock Purchase Program at a discount. Additional ownership perks such as stock gifts tied to service milestones are highlighted in parts of the materials.
- Retirement Support — A 401(k) plan with a company match is available, including pre-tax and Roth options with various investments. Eligibility commonly begins within the first months of employment, encouraging earlier participation.
UFP Industries Insights
What We Do
UFP Industries is a holding company whose operating subsidiaries – UFP Packaging, UFP Construction and UFP Retail Solutions – manufacture, distribute and sell a wide variety of products used in residential and commercial construction, packaging and industrial applications. Founded in 1955, the company has operations in North America, Europe, Asia and Australia.