Job Title: SOC Operations Lead
Department: Security Operations Center (SOC)
Location: College Road, Nashik, Maharashtra (On-Site)
Experience: 2–4 Years
Employment Type: Full-time

About ESCOSS

ESCOSS is a cybersecurity firm focused on active defense, real-world threat detection, and disciplined security operations. We operate beyond compliance checklists and reactive monitoring: our SOC is built to detect early, respond fast, and improve continuously. We are looking for a high-performing SOC professional ready to step into a leadership role and take ownership of day-to-day SOC operations.

Position Overview

The SOC Operations Lead is responsible for running the daily rhythm of the Security Operations Center. This role acts as the on-shift commander, ensuring alerts are triaged correctly, incidents are handled efficiently, and analysts operate with clarity and confidence. This position is ideal for a strong SOC analyst transitioning into leadership, with hands-on responsibility and direct exposure to management and client coordination.

Key Responsibilities

SOC Operations & Team Leadership
- Supervise L1/L2 SOC analysts and manage shift rosters to ensure 24/7 SOC coverage
- Act as the primary escalation point for complex or high-severity alerts
- Ensure adherence to SOC SOPs, escalation paths, and quality standards

Incident Handling & Response
- Lead investigation, containment, and resolution of security incidents
- Support analysts during high-pressure incident scenarios
- Coordinate internal response efforts to minimize business and client impact

Threat Detection & Hunting
- Perform proactive threat hunting using SIEM platforms and log analysis
- Identify suspicious behavior missed by automated detections
- Improve detection logic and use cases aligned with the MITRE ATT&CK framework

Process & Playbook Improvement
- Refine SOC playbooks, workflows, and Standard Operating Procedures
- Reduce false positives and improve Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)

Client & Stakeholder Coordination
- Support client-facing incident communications, including status updates and RCA inputs
- Coordinate with internal stakeholders (IT, DevOps, Cloud teams) during investigations
- Ensure clear, professional communication with management and clients during incidents

Training & Mentorship
- Conduct weekly knowledge-sharing sessions for junior analysts
- Lead internal tabletop incident response drills and simulations
- Guide interns and fresh analysts to become production-ready SOC professionals

Reporting & Documentation
- Prepare weekly SOC performance reports (alert volumes, response times, trends)
- Maintain clear documentation for incidents, detections, and SOP updates
- Present security findings in a clear, non-jargon manner to leadership

Candidate Requirements

Experience
- 2+ years of hands-on experience in a SOC or Incident Response role
- Prior exposure to mentoring, training, or task leadership is preferred

Technical Expertise
- Strong hands-on experience with SIEM tools (Splunk, Microsoft Sentinel, Wazuh, QRadar, etc.)
- Ability to write custom SIEM queries and independently investigate alerts
- Working knowledge of EDR tools and endpoint investigations

Security Knowledge
- Solid understanding of the MITRE ATT&CK framework, Windows/Linux internals, and TCP/IP networking
- Familiarity with common attack techniques, logs, and detection methodologies

Leadership & Communication
- Ownership-driven mindset with the ability to lead under pressure
- Clear communicator capable of explaining technical risks to non-technical stakeholders
- Strong coordination and decision-making skills during incidents

Certifications (Preferred)
- CompTIA CySA+
- CEH
- GCIH
- BTL1 (Blue Team Level 1)

How to Apply

Interested candidates should send their resume and a brief cover letter to hr@escoss.com