Soc Team Lead

Description:

We are looking for a highly motivated and experienced SOC Team Lead to manage the daily operations of our Security Operations Center. This is a critical leadership role requiring a blend of strong technical cybersecurity expertise, excellent communication, and the ability to manage and guide SOC teams. The SOC Team Lead will be responsible for ensuring seamless 24/7 monitoring, timely incident escalation, and high-quality reporting, while also contributing to process improvements and client satisfaction.

Key Responsibilities:

Team Leadership & Training:

• Lead, mentor, and train L1 and L2 SOC analysts.

• Implement and manage training programs focusing on SOC tools, compliance, and best practices.

• Conduct regular performance reviews and give constructive feedback.

Operations Management:

• Ensure 24/7 monitoring of security incidents with appropriate escalation.

• Review and approve weekly and monthly client reports for accuracy and completeness.

• Coordinate with network/firewall teams and lead client meetings to discuss operations and security incidents.

Incident Response & Network Security:

• Oversee incident detection, analysis, and remediation.

• Perform quality control on incidents handled by analysts.

• Ensure adherence to regulatory and compliance requirements (e.g., ISO 27001).

• Fine-tune and optimize tools such as SIEM, NDR, and EDR for efficient threat detection.

Collaboration & Communication:

• Act as the main liaison between the SOC team and external clients.

• Collaborate with internal departments including IT, compliance, and network security.

• Advise clients and senior management on enhancing security postures.

Qualifications & Skills:

Education:

• Bachelor’s degree in Computer Science, Information Technology, or related field (Master’s preferred).

Certifications (Preferred):

• CISSP (Certified Information Systems Security Professional)

• CISM (Certified Information Security Manager)

• GCIH (GIAC Certified Incident Handler)

Technical Expertise:

• Proficiency with IBM QRadar, Elastic SIEM, NDR tools (ExtraHop, LinkShadow, Darktrace), firewalls

• Strong grasp of compliance standards, incident response, threat hunting, and vulnerability management

Skills:

• Excellent communication (verbal and written)

• Strong analytical, problem-solving, and leadership capabilities

• Ability to work in a high-pressure, fast-paced environment