Position Summary

We are seeking a Technical Writer to support the Cyber Security Operations Center (CSOC) by documenting operational processes, incident response procedures, and security workflows. This role partners closely with CSOC Analysts and engineering teams to translate complex security operations into clear, structured, and actionable documentation.

This position will be based on-site in Nashville, TN.

Key Responsibilities

• Document CSOC processes, procedures, and standard operating procedures.
• Create and maintain incident response runbooks, playbooks, and workflow diagrams.
• Partner with L1/L2 CSOC Analysts to capture alert-handling steps and escalation criteria.
• Standardize documentation for SOAR/XSOAR playbooks and automated workflows.
• Maintain updates to process documentation based on platform changes or lessons learned.
• Ensure documentation aligns with SOC best practices, audit needs, and operational readiness.

Required Qualifications

• Experience as a technical writer in IT, cybersecurity, or security operations environments.
• Proven ability to translate technical, analyst-driven workflows into clear documentation.
• Familiarity with SOC/CSOC concepts (incident response, alert triage, escalation, playbooks).
• Strong attention to detail and ability to organize complex information logically.
• Experience maintaining documentation in shared repositories (e.g., Confluence, SharePoint).

Preferred Qualifications

• Exposure to SOAR/XSOAR, SIEM, or security tooling terminology.
• Experience documenting workflows, process diagrams, or automation logic.
• Background supporting compliance, audit, or operational maturity initiatives.