Security Lead

Role Overview: As a Security Lead (SOC), your primary responsibility will be to lead high-priority security investigations and incident response activities. You will oversee day-to-day SOC operations, act as the escalation point for complex threats, and conduct proactive threat hunting. Additionally, you will be responsible for developing and enforcing standard operating procedures, engaging with global stakeholders, mentoring analysts, and driving continuous improvement. Key Responsibilities: - Lead high-priority security investigations and incident response activities, ensuring accurate analysis, containment, remediation, and post-incident reporting. - Oversee day-to-day SOC operations, including shift handovers, escalation management, and ensuring continuity across a 24/7 environment with global customers. - Act as the escalation point for complex threats and security incidents requiring deep analysis of logs, packets, malware, and behavioral patterns using EDR, XDR, SIEM, and forensic tools. - Conduct proactive threat hunting using various data sources and tools. Create and optimize detection use-cases, correlation rules, and playbooks to enhance threat visibility and reduce dwell time. - Develop, refine, and enforce standard operating procedures (SOPs), playbooks, and incident response workflows to drive consistent and measurable outcomes. - Interface with global stakeholders (especially US/Canada clients), providing clear incident briefings, RCA reports, and advisory support. - Mentor L1 and L2 analysts, conduct training sessions, and support skill development across shifts. - Participate in tuning detection content, improving tool configurations, and supporting red/blue/purple team exercises to elevate SOC maturity. - Ensure high-quality documentation of incidents, processes, and technical findings. Contribute to executive and operational reporting. Qualifications Required: - Bachelor's degree in Computer Science, Information Technology, or related field. - Minimum of 5 years of experience in cybersecurity, with a focus on incident response and threat hunting. - Strong technical expertise in EDR, XDR, SIEM, and forensic tools. - Experience in developing and enforcing standard operating procedures and incident response workflows. - Excellent communication skills with the ability to engage with global stakeholders and mentor team members. - Relevant certifications such as CISSP, CISM, or equivalent would be a plus.,