-
Lead and manage the Security Operations Center (SOC) team in identifying, investigating, and responding to cybersecurity threats and incidents.
-
Oversee daily operations of the SOC, ensuring timely triage, analysis, and escalation of security events.
-
Operate and manage the SIEM platform (e.g., Splunk, QRadar, LogRhythm), including developing and optimizing detection rules and dashboards.
-
Drive incident response efforts using established playbooks, threat intelligence, and best practices.
-
Maintain and continuously improve SOC processes, including runbooks, use cases, and operational workflows.
-
Conduct root cause analysis and post-incident reviews to strengthen defenses and response capabilities.
-
Collaborate with other IT and security teams to ensure alignment and swift resolution of incidents.
-
Monitor threat intelligence sources to stay current on vulnerabilities, threats, and attacker tactics, techniques, and procedures (TTPs).
-
Serve as the key escalation point for complex or high-severity security incidents.
-
Coach and mentor SOC analysts, promoting skills development and continuous improvement within the team.
-
Proven experience managing or leading a SOC or cybersecurity operations team.
-
Hands-on expertise with SIEM tools such as Splunk, QRadar, or LogRhythm.
-
Strong technical understanding of network protocols (e.g., TCP/IP), system architectures, and common threat vectors.
-
Solid experience in security event analysis, incident handling, and root cause investigation.
-
Familiarity with attacker techniques (e.g., MITRE ATT&CK) and detection strategies.
-
Experience developing and refining incident response playbooks and SOC use cases.
-
Strong communication skills, with the ability to articulate technical concepts to non-technical stakeholders.
-
Ability to lead under pressure and respond effectively in high-stress situations.
-
Relevant industry certifications such as GIAC (e.g., GCIA, GCIH), OSCP, CISSP, or similar.
-
SIEM-specific certifications are highly desirable.
-
Scripting or programming skills in Python, PowerShell, Java, or C# are an advantage.
