Team Lead - Information Security

Role & responsibilities

Overview:

Key Responsibilities:

• Lead the classification, documentation, and resolution of security incidents.
• Analyze, assign, and escalate high-complexity security issues as needed.
• Establish incident response protocols and ensure adherence to response timelines.
• Investigate complex security issues, determine root causes, and implement preventive measures.
• Collaborate with third-party vendors and escalate unresolved security incidents.
• Conduct vulnerability assessments and evaluate security risks.
• Enhance existing security controls and recommend risk mitigation strategies.
• Provide regular updates on security incidents, mitigation actions, and operational improvements.
• Develop executive-level security reports and presentations.
• Provide guidance on security tool optimization and integration into the organizations security framework.
• Lead security incident investigations and provide strategic recommendations.
• Cross-Functional Collaboration: Work with IT, compliance, and security teams to integrate security solutions into business operations. Lead the coordination of security initiatives with various departments.

Technical Leadership and Mentorship:

• Provide technical guidance and mentorship to security analysts and team members.
• Foster a culture of continuous learning and development within the team.
• Stay updated on emerging cybersecurity threats, trends, and best practices.
• Recommend and implement security enhancements based on evolving threat landscapes.

Experience Requirements:

• 6-8 years of experience in security operations, incident response, and risk management.
• Hands-on experience with SIEM tools like CrowdStrike, MS Sentinel, Splunk, QRadar, or LogRhythm.
• Expertise in EDR tools, Email Security tools, and forensic network analysis.
• Strong background in SOC operations, including triage, alert investigation, and incident qualification.
• In-depth knowledge of security technologies: DLP, IDS/IPS, Email Security, SWG/Proxy, CASB, CSPM, SASE, SSE, and SIEM.
• Experience with cloud security solutions and platforms such as AWS, Azure, or Google Cloud Platform.
• Proficiency in operating system security for Windows, MacOS, and Linux distributions.
• Strong problem-solving skills with the ability to analyze and resolve complex security issues.
• Strong expertise in ITIL and Change Management.

Skills and Competencies:

• Strong technical knowledge in SIEM, EDR, Incident Response, and Email Security tools (ProofPoint, FireEye, CrowdStrike).
• Ability to optimize SOC operations and security workflows.
• Excellent communication and collaboration skills.
• Proficiency in MS Office for reporting and documentation.
• Relevant certifications such as CS, Threat Hunting, or equivalent technical certifications.
• Qualifications: Bachelor’s degree in computer science, Information Security, Electronics & Communication, or a related field & 8+ years of experience in managing and operating security solutions in enterprise environments.

Preferred candidate profile