Soc Team Lead

 

Description:

We are seeking a highly motivated and experienced SOC Team Lead to oversee the day-to-day operations of our Security Operations Center (SOC). The ideal candidate will possess strong technical expertise, leadership skills, and exceptional communication abilities. This role requires managing a team of SOC analysts, ensuring all reports meet quality standards, coordinating with clients and internal teams, and driving continuous improvement in SOC processes.

 

Key Responsibilities:

Team Leadership & Training

Lead and mentor L1 and L2 SOC analysts, providing guidance and training to enhance their skills and knowledge.

Develop and implement training programs for the team, focusing on SOC tools, processes, and compliance frameworks.

Conduct performance evaluations and provide regular feedback to team members.

 

Operations Management

Ensure 24/7 monitoring of security incidents and timely escalation according to established protocols.

Oversee the generation of weekly and monthly reports, ensuring accuracy, completeness, and compliance with standards.

Review and finalize client-facing reports, maintaining a high level of professionalism.

Coordinate with the firewall and network teams to resolve incidents and optimize configurations.

Conduct regular client calls to discuss operations, incident trends, and reporting.

Incident Response & Network Security

Manage incident handling, investigation, and remediation activities.

Perform quality control of incidents and escalations handled by the SOC team.

Ensure all activities are aligned with regulatory and compliance requirements

Actively participate in improving SOC processes, including tuning SOC tools like SIEM, NDR, and EDR solutions.

 

Collaboration & Communication

Serve as the main point of contact between the SOC team and clients, ensuring effective communication and coordination.

Work closely with other departments, including IT, network, and compliance, to address security challenges.

Provide recommendations to clients and senior management on improving security postures.

 

Qualifications & Skills:

Education:

• Bachelor’s degree in Computer Science, Information Technology, or a related field. A Master’s degree is a plus.

Experience must be 6-8 years.

Certifications:

• Preferred:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• GIAC Certified Incident Handler (GCIH)

Technical Expertise:

• Proficient in SOC tools like IBM Qradar, Elastic SIEM, NDR solutions (e.g., ExtraHop, LinkShadow, Darktrace), and firewalls.
• Strong understanding of compliance frameworks such as ISO 27001.
• Hands-on experience in incident response, threat hunting, and vulnerability management.

Skills:

• Exceptional verbal and written communication skills, with the ability to present complex technical information clearly.
• Strong analytical and problem-solving abilities.
• Leadership skills to manage and motivate teams effectively.
• Ability to handle multiple tasks and work under pressure in a fast-paced environment.