JOB Title: SOC Lead

Experience: 8+

Certification:

• CompTIA CySA+ / Security+ / CEH
• Splunk Core Certified User / Power User
• Microsoft AZ-500 / SC-200
• CrowdStrike Certified Falcon Responder (CFR)

Responsibilities :

• SOC Leadership & Operations: Lead and manage a 24/7 SOC team (onshore and offshore), ensuring efficient monitoring, incident response, and continuous improvement.
• Threat Hunting & Incident Response: Drive proactive threat hunting, lead investigations end-to-end, and oversee containment, remediation, and post-incident reviews.
• Process Building & Maturity: Develop SOC processes, playbooks, and detection use cases aligned with NIST CSF, ISO 27001, and PCI DSS. Identify operational gaps and implement improvements.
• Audit & Compliance Support: Partner with GRC, internal audit, and external auditors to ensure evidence readiness, audit compliance, and risk mitigation.
• Technology & Integration: Oversee SIEM, XDR, EDR, NDR, CSPM, and cloud-native security integrations. Ensure effective log onboarding, tool rationalization, and automation to maximize efficiency.
• Cloud Security: Manage SOC visibility across multi-cloud platforms (Azure, GCP, OCI). Build detection and monitoring use cases for cloud-native workloads.
• Stakeholder Engagement: Act as a trusted advisor to business, IT, and compliance stakeholders. Translate technical incidents into business impact and provide actionable reporting.
• People Development: Mentor SOC analysts across levels, create structured certification and training roadmaps, and build a high-performance team culture

Mandatory:

• 8–12 years in cybersecurity, with 4+ years in SOC leadership/incident response management.
• Strong background in SOC operations, incident management, and threat hunting.
• Deep knowledge of SIEM, XDR, EDR, NDR, CSPM, and related security domains (not vendor-specific).
• Experience in cloud security across Azure, GCP, and Oracle Cloud.
• Strong understanding of NIST CSF, ISO 27001, and PCI DSS frameworks.
• Practical knowledge on SOC-CMM model.
• Proven ability to handle audits, compliance requirements, and board-level reporting.
• High resilience and ownership mindset; thrives under pressure and ambiguity.
• Excellent communication skills and ability to engage with diverse stakeholders.
• Certifications such as CISSP, CISM, or equivalent are highly desirable.