Job Description
Join Our Team as a Cyber Security Team Lead!
Workplace by Direct is seeking a driven and experienced Cyber Security Team Lead to join our team in Sioux Falls, SD. In this role, you’ll lead day-to-day cybersecurity operations within our Managed Services and Managed Security Services environment, ensuring high-quality security outcomes for both internal systems and external clients.
You’ll play a critical role in leading our security team, overseeing security operations, and continuously improving our service delivery. This position combines hands-on technical expertise with leadership, customer interaction, and strategic influence to ensure our clients’ environments remain secure, compliant, and resilient.
About Workplace by Direct
Workplace by Direct is part of the Direct Companies family, a trusted business technology solutions provider serving small and mid-sized businesses. We deliver professional IT consulting and management services, with a focus on reliability, innovation, and customer success.
We foster a team-oriented, trust-driven workplace that values collaboration, excellence, and long-term relationships — both with our clients and our employees. Our mission is to create technology solutions that empower businesses to succeed, while actively supporting our community through charitable initiatives and volunteer work.
Why You’ll Love Working Here
We believe in continuous growth, leadership development, and empowering our team to make a meaningful impact. In this role, you’ll have the opportunity to shape our security practice, mentor team members, and drive innovation while being supported by a collaborative and forward-thinking organization.
Key Responsibilities
Security Operations & Leadership
Lead daily cybersecurity operations including monitoring, alert triage, and incident response
Provide scheduling, oversight, and direction to ensure full team coverage and effective resolution of security events
Act as an escalation point for complex or high-impact incidents
Coordinate resources (people, tools, and technology) to support current and future service delivery
Monitor and report on team performance metrics including SLAs, KPIs, productivity, and client experience
Incident Response & Threat Management
Lead and guide incident containment, remediation, and recovery efforts
Perform and oversee root cause analysis and post-incident reviews
Utilize threat intelligence, MITRE ATT&CK, and attacker TTPs to enhance detection and response
Interpret logs, packets, and security telemetry to support investigations
Security Solutions & Client Delivery
Support client environments across a multi-tenant MSSP model while ensuring proper isolation and security standards
Communicate directly with clients during incidents, service reviews, and executive briefings
Provide security recommendations, scopes, and guidance tailored to client needs
Assist with onboarding new customers and tuning detections per environment
Collaborate with engineering, sales, and customer success teams to deliver comprehensive solutions
Process Improvement & Compliance
Develop, document, and maintain incident response playbooks, SOPs, and workflows
Ensure adherence to security frameworks such as NIST, CIS Controls, and ISO 27001
Drive continuous improvement in vulnerability management, detection engineering, and response processes
Support compliance efforts related to standards such as HIPAA, PCI DSS, and SOC 2
Identify and implement automation and orchestration opportunities (SOAR)
Mentorship & Team Development
Lead, mentor, and develop security analysts (Tier 1–3)
Provide coaching, performance feedback, and training to support growth and effectiveness
Foster a high-performing, accountable, and collaborative team culture
Support hiring, onboarding, and ongoing skill development initiatives
Qualifications
5–8+ years of experience in cybersecurity or security operations
1–3+ years in a leadership or senior analyst role
Strong background in SOC operations, incident response, and security monitoring
Hands-on experience with SIEM platforms and alert investigation methodologies
Solid understanding of:
Network security (firewalls, IDS/IPS, VPNs)
Endpoint security (EDR/XDR)
Cloud security fundamentals (AWS, Azure, GCP)
Experience with vulnerability management and security frameworks
Familiarity with threat intelligence and attacker methodologies
Strong communication, leadership, and decision-making skills
Ability to operate effectively in a fast-paced, multi-tenant service environment
Bachelor’s degree in cybersecurity, computer science, or a related field preferred (equivalent experience and certifications will be considered)
Preferred Certifications (Optional)
CISSP, CISM, or GSLC
GIAC certifications (GCIH, GCED, GCIA)
Security+, CySA+, or equivalent
(Equivalent experience will be considered in lieu of certifications.)
Our Benefits
At Workplace by Direct, we reward great work with great benefits, including:
Competitive compensation
Health, dental, and vision insurance
401(k) with company match
Paid time off (PTO) and holidays
Life and disability insurance
If you’re a proactive leader with a passion for cybersecurity, operational excellence, and team development, we’d love to hear from you. Join us and help shape the future of secure workplace technology.