Security Analyst Lead — Endpoint & SOC Operations
About the role:
We’re seeking a proactive and highly capable Security Analyst Lead to own endpoint protection and SOC operations as we scale our MSP infrastructure — including onboarding a new client with over 2,000 endpoints.
You will lead the day-to-day execution and oversight of our SentinelOne and Adlumin deployments, and work directly with our SOC partner to ensure high-quality, fast-response protection across all assets. You’re not here to wait for alerts — you’re here to build process, tune tools, and stay ahead of threats.
This is a senior hands-on role with the potential to build and scale a security support team under you.
What You’ll Do:
- Lead the endpoint protection strategy across thousands of devices using SentinelOne.
- Manage and fine-tune our Adlumin SIEM/SOC integration, ensuring effective alert flow, minimal false positives, and proper escalations.
- Act as the primary interface with the SOC, reviewing tickets, metrics, and incident quality.
- Develop and maintain security playbooks and SOPs for incident response, threat detection, and escalation paths.
- Assist in the onboarding of high-value clients, ensuring endpoint security posture is compliant and enforced from day one.
- Implement threat hunting, anomaly detection, and deeper analytics using EDR/XDR data.
- Prepare weekly and monthly security posture reports, identifying vulnerabilities, threats, and incident response trends.
- Build or scale a Tier 1/Tier 2 analyst team if needed, including shift planning and onboarding.
What you bring:
- 4+ years in security operations or endpoint defense, preferably within an MSP or SOC-driven environment.
- Hands-on experience with SentinelOne and/or comparable EDR solutions (CrowdStrike, Defender for Endpoint, etc.).
- Experience managing or integrating with SIEM/SOC platforms like Adlumin, Splunk, AlienVault, etc.
- Ability to tune alerting, define response playbooks, and manage incident escalation.
- Fluent English and strong communication skills — comfortable interacting with analysts, engineers, and clients.
- Autonomous mindset — you don’t wait for instructions, you bring structure and clarity to the table.
Bonus points:
- Experience building or leading a SOC or Tier 1 analyst team.
- Security certifications such as CompTIA Security+, CySA+, Microsoft SC-200, GIAC, or similar.
- Familiarity with endpoint hardening, vulnerability management, and RMM integration.
What we offer:
- 100% remote position (WeWork stipend optional).
- Strategic visibility and impact — we want your fingerprints on the structure.
- A chance to build not just processes, but a team.
To apply, send your resume and a short note about your experience managing SOC integrations, endpoint security tools, or response playbooks, along with your monthly pay expectation.
We’re not looking for someone to react — we’re looking for someone to lead the defense.
Send your application to: careers@softwarecraftcr.com or submit via our form.

“We are a Nearshore staff augmentation firm specializing in building top-notch Software Engineering teams for clients in the United States. Our mission is to help businesses streamline their operations and improve efficiency through cutting-edge technology.”