ISA Team Lead

Job Summary

• Perform deep-dive investigations into complex security incidents, leveraging advanced forensics techniques (memory, disk, network, malware).
• Lead incident response activities, including containment, eradication, and recovery efforts.
• Utilize threat intelligence to contextualize attacks, identify threat actors TTPs, and propose defensive improvements.
• Collaborate with L1 and L2 analysts, mentoring and guiding them through technical escalations.
• Provide leadership and direction to SOC Analysts.
• Lead continuous improvement initiatives for operational processes.
• Collaborate with internal and external teams to enhance SOC functionality.
• Address personnel-related issues within the SOC team.
• Keep senior management informed about significant incidents or operational challenges.
• Provide development opportunities for SOC staff in line with established practices and standards.
• Organize shift schedules, including regular, holiday, illness, vacation, and emergency shifts.
• Ability to ensure continuous operation 24/7.
• Facilitate shift turnovers and conduct briefings to ensure smooth transitions.
• Ensure the successful execution of all daily operational processes and protocols.
• Monitor adherence to established procedures and ensure all processes are well-documented as per local requirements.
• Identify and manage tactical issues affecting SOC operations.
• Document and monitor training needs and compliance for all SOC analysts.

Requirements:

• 6+ years of experience in security operations with at least 2+ years in a leadership role.
• Bachelor s degree in computer science, Information Security, or a related field.
• Strong leadership and team management skills.
• In-depth knowledge of SOC operations and cybersecurity best practices.
• Excellent communication and problem-solving skills.
• Team Lead, Soc, L1 And L2