SOC Lead

Direct Client RequirementTitle: SOC LeadLocation: Pune, MH -HybridFull Time/Permanent

Job Overview

Key Responsibilities

• Operational Oversight : Supervise daily SOC operations, including monitoring, incident detection, and response activities, ensuring 24/7 coverage and timely resolution of security alerts.
• Incident Management : Lead the investigation, triage, and resolution of security incidents, coordinating with analysts, SIEM engineers, and external teams as needed.
• SIEM Optimization : Oversee the configuration, tuning, and maintenance of SIEM platforms to enhance threat detection and reduce false positives.
• Team Leadership : Mentor and guide SOC analysts and engineers, providing technical direction, training, and performance feedback to improve team capabilities.
• Threat Intelligence Utilization : Integrate and leverage threat intelligence feeds to enhance detection rules, correlation logic, and incident response strategies.
• Process Improvement : Develop, refine, and implement SOC processes, playbooks, and standard operating procedures (SOPs) to ensure consistent and efficient operations.
• Reporting and Metrics : Generate and review reports on incident trends, SIEM performance, and SOC metrics, presenting findings to the SOC Manager and other stakeholders.
• Collaboration : Work closely with other IT and security teams, including network operations, cloud security, and compliance teams, to align SOC activities with organizational goals.
• Automation and Scripting : Promote and support the use of automation tools and scripts (e.g., Python, PowerShell) to streamline repetitive tasks and improve response times.
• Escalation Point : Serve as the primary escalation point for complex incidents, providing expertise and decision-making during high-severity events.
• Training and Development : Facilitate training sessions and knowledge-sharing initiatives to upskill team members and promote certifications
  

Skills And Qualifications

• Education : Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field. A Master's degree or relevant certifications are preferred.
• Experience :
• 5-8 years of experience in cybersecurity, with at least 2-3 years in a SOC environment and 1-2 years in a leadership or supervisory role.
• Hands-on experience with SIEM platforms and incident response processes.
• Prior experience in a Security Operations Center or Managed Security Service Provider (MSSP) environment is highly desirable.
• Technical Skills :
• Strong knowledge of SIEM architecture, log management, and event correlation.
• Proficiency in network security tools (e.g., firewalls, IDS/IPS, EDR solutions like CrowdStrike, Carbon Black).
• Familiarity with cloud security platforms (e.g., AWS, Azure, Google Cloud) and their integration with SOC tools.
• Scripting skills in Python, PowerShell, or similar languages for automation and process optimization.
• Understanding of network protocols, TCP/IP, and enterprise security technologies.
• Strong leadership and mentoring skills to guide and motivate SOC team members.
• Excellent analytical and problem-solving abilities to address complex security incidents.
• Effective communication skills for reporting and collaborating with technical and non-technical stakeholders.
• Ability to perform under pressure and manage multiple priorities in a fast-paced environment.
• Certifications (Preferred):
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• CompTIA Security+
• GIAC Security Operations Certified (GSOC)