Lead Security Engineer - SOC

Role : Lead Security Engineer - SOC The individual in this role will lead the Global Security Operations Center (SOC), which is responsible for monitoring and responding to potential security threats and incidents. This individual will also work closely with other teams as part of the overall incident response process. Responsibilities : - Provide leadership and guidance to a team of Tier 1/2 SOC analysts that work in shifts within the 24-7 SOC. - Oversee daily operations of the SOC, ensuring appropriate staffing and coverage across shifts. - Develop shift rotation plans for SOC analysts. - Regularly generate and review SOC metrics, performance reports and KPIs. - Lead and coordinate responses to cyber security incidents, ensuring swift containment, investigation and remediation. - Serves as a Subject Matter Expert (SME) for analysts. - Ensure Standard Operating Procedures (SOPs), SLAs and best practices are followed during investigations and incident handling. - Perform in-depth analysis of security incidents, identifying root causes and recommending corrective actions. - Provide guidance to SOC analysts on complex analysis and investigations. - Identify capability gaps, both personnel and tool related, and work to fill them. - Provide guidance on continuous improvement of SOC processes and procedures (e.g Incident Response playbooks). - Conduct quality assessments and reviews of SOC processes and cases. - Experience formulating use cases to detect threats. - Develop and manage training and mentoring plans for SOC analysts. - Collaborate with other IT operations, SOAR, Security Engineering, Threat Intelligence to enhance threat detection and remediation processes. - Provide automation, tuning and filtering recommendations to engineering teams. - Participate in security audits and assessments. - Culture a team with high accountability and high morale. - Perform other duties as assigned. Requirements : - Bachelors Degree in Computer Science/Engineering. - Minimum 8 years of experience in Information Security with at least 3 years in a SOC or Incident Response role. - Strong technical understanding of security logging and monitoring related to cloud, operating systems, applications, network and platforms. - Strong technical understanding of SIEM platforms and security technologies. - Deep understanding of attack vectors, threat landscapes and modern adversary tactics. - Proactive mindset for continuous improvement of SOC processes and capabilities. - Experience handling security incidents. - Excellent and proven leadership. - Strong analytical and problem solving skills. - Self driven and highly motivated. - Ability to work in a team environment. - Project Management skills. - Highly fluent in English. (ref:hirist.tech)

Location: trivandrum, IN

Posted Date: 4/18/2025