Security Operations Center TL

Job description:
About the Role:We are seeking a skilled and proactive SOC Lead to manage and enhance our Security Operations Center capabilities. The ideal candidate will have strong experience in cybersecurity operations, threat analysis, incident response, and team leadership. As SOC Lead, you will be responsible for establishment of SOC, overseeing day-to-day monitoring, managing a team of analysts, and evolving our threat detection and response processes.Key Responsibilities:Implement various SIEM / XDR solutions and establish the SOC processLead and coordinate the daily operations of the Security Operations Center.Supervise and mentor SOC analysts, providing guidance on threat detection, triage, and incident handling.Review, escalate, and respond to security incidents in a timely and efficient manner.Continuously improve SOC playbooks, procedures, and incident response plans.Oversee threat intelligence gathering and its integration into detection capabilities.Ensure high-quality documentation of security incidents, lessons learned, and remediation actions.Collaborate with IT, network, and application teams to strengthen the security posture.Lead threat-hunting initiatives and proactively identify potential risks.Maintain and optimize SIEM, SOAR, and other security tools to ensure effective coverage and alerting.Stay current on emerging threats, vulnerabilities, and best practices in security operations.Required Qualifications:Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent experience).5–6 years of experience in cybersecurity, with at least 2 years in team handling experience.Deep understanding of XDR / SIEM platforms (e.g., Crowdstrike, SentinelOne, Sophos, Wazuh, Seceon, Simbian, etc.).Hands-on experience with incident response, threat analysis, malware analysis, and vulnerability management.Knowledge of attack frameworks such as MITRE ATT&CK and Cyber Kill Chain.Familiarity with regulatory frameworks (e.g., ISO 27001, NIST, GDPR, etc.).Strong analytical, problem-solving, and communication skills.Preferred Qualifications:Professional certifications such as GCIA, GCIH, CEH, CISSP, ECIH, CHFI.Experience with SOAR platforms and automation of security workflows.Exposure to cloud security environments and monitoring (AWS, Azure, GCP)Experience:Security Operations Centre: 5 years (Preferred)