SOC Lead

3 years

8 - 12 Lacs

Posted: 21 hours ago | Platform: GlassDoor

Work Mode

On-site

Job Type

Full Time

Job Description

The SOC Lead will be responsible for leading 24/7 SOC operations, ensuring proactive threat monitoring, incident response, and continuous improvement in security posture. This role will manage SOC analysts, drive threat detection maturity, ensure seamless client engagement, and serve as a strategic escalation point for security incidents.

Key Responsibilities

SOC Operations & Team Leadership

  • Lead and supervise SOC analysts (Trainees/L1/L2) ensuring high-quality monitoring and incident handling.
  • Oversee day-to-day SOC operations, incident queues, and shift schedules to maintain 24×7 coverage.
  • Review alerts, incident tickets, and performance metrics (KPIs/SLAs).
  • Mentor, train, and upskill SOC analysts to strengthen operational readiness.

Incident Response & Escalation Management

  • Lead response for critical security incidents and escalations.
  • Conduct root cause analysis, impact assessment, and response coordination.
  • Prepare incident reports, run post-incident review sessions, and recommend remediation actions.

Threat Detection & Continuous Improvement

  • Contribute to threat detection strategy and use case development.
  • Identify logging & visibility gaps and recommend improvements.
  • Work with engineering teams to enhance SIEM, EDR, and SOAR workflows.
  • Track threat trends and align monitoring strategies with emerging risks.

Client Management & Communication

  • Serve as primary escalation contact for clients for security incidents and SOC operations.
  • Deliver timely and clear communication — incident updates, executive summaries, dashboards.
  • Conduct periodic client reviews, security posture updates, and advisory sessions.

Qualifications & Requirements

  • 3-8 years of SOC/Incident Response experience (minimum 2 years in L2/L3 role).
  • Hands-on experience with SIEM, EDR, Threat Intel tools, and SOAR platforms.
  • Strong understanding of Windows, Linux, and Network security fundamentals.
  • Experience working across cloud platforms — Azure, AWS, GCP.
  • Proven leadership/mentoring experience in a SOC environment.
  • Excellent communication, analytical, and client management skills.

Preferred Skills

  • Certifications such as GCIH, GCIA, GCFA, Azure Security Engineer, AWS Security Specialty, CEH, CYSA+, or equivalent.
  • Experience in security automation or scripting (Python/PowerShell).
  • Understanding of MITRE ATT&CK, threat hunting methodologies & playbook development.

Job Types: Full-time, Permanent

Pay: ₹800,000.00 - ₹1,200,000.00 per year

Benefits:

  • Provident Fund

Application Question(s):

  • Are you L1/L2/L3?
  • Notice Period

Experience:

  • total work: 3 years (Preferred)
  • SOC: 3 years (Preferred)
  • Team management: 2 years (Preferred)
