SOC Team Lead

Minimum of 5 years of experience in a SOC or related cybersecurity role.
Strong knowledge of incident response methodologies and frameworks (e.g., NIST, MITRE ATT&CK).
Hands-on experience with security tools such as SIEM (Sentinel, QRadar, etc.), EDR (CrowdStrike, Defender).
Proficiency in scripting languages (Python, PowerShell) for automation.
Familiarity with cloud security environments (AWS, Azure, GCP).
Proven leadership experience, with the ability to mentor and develop SOC analysts.
Excellent communication and collaboration abilities.
Strong analytical and problem-solving skills.

Lead the investigation, analysis, and response to cybersecurity incidents.
Mentor and coach L1 and L2 SOC analysts, fostering professional growth and knowledge sharing.
Perform root cause analysis and provide recommendations for remediation.
Ensures that all identified events are promptly validated and thoroughly investigated.
Provide timely advice and guidance on the response action plans for events and incidents based on incident type and severity.
Develop and refine incident response playbooks and procedures.
Collaborate with cross-functional teams to improve security posture.
Stay current with emerging threats, vulnerabilities, and attack techniques.
Work closely with Threat Intelligence teams to stay ahead of emerging threats and incorporate intelligence into SOC operations.
Assist in developing and enhancing automation capabilities (including SOAR).
Develop and tune security alerts, detection rules, and use cases.
Collaborate with SOC engineers to enhance threat detection capabilities.
Conduct threat-hunting activities to proactively identify potential threats.

Relevant certifications such as CISSP, GCIA, GCIH, CEH, or equivalent are a plus.