Security Operations Center Lead

Role & responsibilities

1. Manage and respond to security incidents: responsible for identifying and managing complex security incidents that require advanced technical knowledge and problem-solving skills. Work with other security teams to investigate and resolve security incidents in a timely and efficient manner.

2. Perform security analysis: conduct security analysis and assessment to detect potential security threats and vulnerabilities in the organization's infrastructure, systems, and applications.

3. Develop and maintain security controls: responsible for developing and implementing security controls and procedures to protect the organization's information assets. Work with other security teams to maintain security controls and ensure compliance with regulatory requirements.

4. Provide technical expertise: provide technical expertise and guidance to other security teams, including Level 1 and 2 analysts. Mentor and train junior analysts on the latest security technologies, threat intelligence, and incident response procedures.

5. Perform threat intelligence analysis: conduct threat intelligence analysis to identify emerging security threats and trends.

6. Monitor threat intelligence sources and share insights with other security teams to proactively detect and prevent security incidents.

7. Develop and maintain incident response plans: develop and maintain incident response plans to ensure that the organization is prepared to respond to security incidents.

8. Test and update the incident response plans regularly to ensure their effectiveness and efficiency.

9. SIEM management Implementation and configuration like log source integration, use case configuration, building custom use cases

10. Design and build new SOC processes from the ground up

11. Work with stakeholders to ensure SOC meets business and security requirements

12. Develop and maintain incident response processes

13. Build and implement new security technologies and tools to improve security posture

14. Develop and maintain playbooks for SOC use cases and incident response procedures

Preferred candidate profile

- At least 5 years of experience as an L3 analyst

- Experience building and managing a new SOC

- Experience designing and implementing SOC processes

- Deep understanding of advanced security threats and vulnerabilities

- Hands-on experience with security tools such as SIEM, EDR, IDS/IPS, and vulnerability scanners

- Experience in 24X7 critical operations and customer support functions.

- Holistic IT knowledge in heterogeneous technology environments.

- Operations and management of technology applications both internally and externally hosted.

- Skilled in analytical thinking, identifying pitfalls and recommending cost-effective solutions.

- Capable of conducting cost-benefit analysis for IT investments.

- Effective negotiation, problem solving and decision-making skills.

- Detail oriented, works well under pressure.

Employs technical expertise, and interpersonal relations to achieve company’s objectives