L3 SOC Lead

Job Title: L3 SOC Lead

Location: Bangalore

Position Summary

We are seeking a highly skilled and experienced SOC L3 Lead to manage our Managed Security Service (MSS) and drive service delivery excellence. This leadership role requires a blend of deep technical expertise in modern SIEM/SOAR platforms, strong communication, and proven negotiation skills to interface effectively with clients, management, and internal teams. The ideal candidate will be

responsible for overseeing high-impact incident response activities, ensuring operational metrics are met, and continuously maturing our detection and response capabilities.

Key Responsibilities

Service Delivery & Management:

Lead and manage the day-to-day operations of the SOC team, ensuring efficient service delivery for managed security clients.

Serve as the primary escalation point for complex security incidents and operational issues.

Develop and maintain strong client relationships, acting as a trusted advisor on security operations matters.

Drive continuous improvement initiatives within the SOC, optimizing processes, playbooks, and technologies.

Technical Expertise & Incident Response:

Utilize deep technical proficiency in SIEM platforms such as Microsoft Sentinel ,Google Security Operations (Chronicle), or similar enterprise-grade solutions.

Manage and optimize endpoint detection and response (EDR) tools, specifically Microsoft Defender for Endpoint (MDE).

Oversee the integration and utilization of Security Orchestration, Automation, and Response (SOAR) platforms to enhance efficiency and response times.

Lead major incident response efforts, coordinating containment, eradication, and recovery strategies.

Design, plan, and execute tabletop simulation exercises for major security incidents to test and refine organizational readiness and response plans.

Reporting; Stakeholder Communication:

Develop and deliver comprehensive, periodical reports for senior management, detailing operational status, key metrics, KPIs, security posture improvements, and project updates.

Leverage excellent communication and negotiation skills to articulate complex technical issues to non-technical stakeholders (both internally and externally).

Collaborate with threat intelligence teams, incident response teams, and other IT departments to ensure seamless security operations.

Required Qualifications & Skills

Experience: Minimum of 7+ years of experience in a Security Operations Center

(SOC) environment, with at least 2+ years in a leadership or L3/Incident Commander

role.

Technical Proficiency:

Microsoft Sentinel, Chronicle,Splunk ES, etc.).

Expert-level knowledge of EDR platforms, specifically Microsoft Defender for ,,,,,,,Endpoint.

Experience implementing and managing SOAR solutions and automated workflows.

Soft Skills:

Exceptional written and verbal communication skills.

Proven negotiation and conflict resolution abilities, particularly in high-pressure incident scenarios.

Strong analytical and problem-solving capabilities, with meticulous attention to detail.

ed): Industry certifications such as CISSP, CISM, GCIH, GCFA, or similar advanced security credentials.

Education: Bachelors degree in Cybersecurity, Information Technology, Computer

Science, or a related field (or equivalent work experience).