Security Operations Center Lead

As the Lead Security Analyst, you will be responsible for overseeing the monitoring and analysis of security alerts and events from various sources to detect and address potential security incidents efficiently. Your role will involve providing mentorship and guidance to junior analysts to foster their professional growth. Conducting thorough analysis of security incidents, evaluating their implications, and coordinating efforts across different teams for effective resolution will be a key aspect of your responsibilities. You will be expected to develop and implement advanced detection rules, use cases, and correlation logic to improve the accuracy of security monitoring. Collaboration with threat intelligence teams to remain updated on the latest threats, tactics, techniques, and procedures (TTPs) is essential. Leading incident response activities, ensuring prompt and comprehensive actions to mitigate security incidents, will be crucial in this role. Participation in post-incident reviews and analysis to identify root causes and areas for enhancement is required. Additionally, contributing to the continuous improvement of Security Operations Center (SOC) processes, procedures, and toolsets is a key responsibility. Staying abreast of emerging security technologies and industry trends to provide recommendations for tool upgrades and process enhancements is also part of your role. Furthermore, you will assist in creating and maintaining comprehensive documentation related to security incidents, procedures, and findings. Reviewing incidents escalated by Level 1 analysts and collaborating with internal customers to address their security-related issues are among the duties you will perform. You should be prepared to work in a 24/7 rotational shift model, including night shifts, and conduct forensic investigations when necessary. It is considered advantageous to have strong expertise in security monitoring tools and technologies such as SIEM, Firewall IDS/IPS, EDR, and threat intelligence platforms. An in-depth understanding of network protocols, firewall technologies, endpoint security, and cloud security is beneficial. Proficiency in recognizing successful intrusions and compromises, leading security incident response efforts, and possessing excellent analytical and problem-solving skills are desired qualities. Moreover, exceptional communication and interpersonal skills are essential for effective collaboration with both technical and non-technical stakeholders. Possession of relevant certifications such as CISSP, CISM, CISA, GIAC Certified Incident Handler, CEH Certified, CCSP, or SOC Analyst is highly desirable for this role. A minimum qualification of a Bachelor's degree in Computer Science, Information Security, or a related field is preferred for applicants.,