SOC Team Lead

Define and execute the SOC strategy, ensuring alignment with MSSP objectives, MDR services, and client security needs while driving continuous service improvement.Oversee and optimize SOC service delivery, ensuring operational excellence, SLA compliance, and regulatory alignment.Review and approve SOC service proposals, ensuring alignment with business objectives, technical feasibility, and competitive positioning.Assist in pricing SOC offerings, conducting cost-benefit analysis to ensure profitability and demonstrate ROI for clients.Align SOC operations with business risk management, ensuring security efforts focus on high-impact threats and industry-relevant risks.Drive executive engagement, translating SOC insights into business-driven recommendations that influence security investments and policy decisions.Strengthen internal collaboration, ensuring SOC operations integrate seamlessly with Threat Intelligence, Incident Response, Red Team and Engineering teams.Define and track SOC performance metrics such as incident detection rates, mean time to detect/respond (MTTD/MTTR), and SLA adherence, ensuring measurable service improvement and accountability.Increase SOC maturity by aligning detection, response, and security governance with CREST SOC and SOC-CMM best practices.Drive enhancements in threat detection, incident response, and security monitoring, ensuring SOC capabilities evolve with emerging threats and industry standards.Oversee the optimization of SIEM, EDR/XDR, and SOAR platforms, ensuring improved detection accuracy, reduced false positives, and enhanced automation.Ensure effective integration of threat intelligence into SOC workflows, improving detection strategies and proactive defense mechanisms.Strengthening forensic investigation processes, ensuring post-incident analysis drives meaningful security improvements.Maintain the resilience and scalability of SOC platforms, working with engineering teams to ensure system availability and efficiency.Advance threat-hunting initiatives, ensuring proactive identification of adversary tactics and continuous refinement of detection logic.Drive automation and workflow optimization, improving alert correlation, incident handling efficiency, and response consistency.Evaluate and implement emerging security technologies, ensuring the SOC remains adaptive and aligned with industry best practices.Lead and develop the SOC team, fostering a culture of excellence, continuous learning, and collaboration.Ensure proper resource allocation, balancing workloads and optimizing efficiency across different SOC functions.Mentor and support SOC leadership, including Assistant SOC Managers, Team Leads, and Senior Analysts, ensuring knowledge transfer and capability development.Strengthen internal and external communication, ensuring clear reporting structures and effective collaboration between SOC teams and stakeholders.Oversee performance management, setting KPIs and ensuring continuous professional growth through targeted training and development programs.Foster a client-centric approach, ensuring that SOC analysts communicate effectively with clients, providing timely and clear incident updates and recommendations.Promote process standardization, ensuring consistency in incident handling, reporting, and security best practices across all SOC operations.Desired Candidate ProfileQualificationbachelor s degree in information security.CertificationCISSP, Red Team Training, ITIL CDS, FCSP-Security Operations are preferred.Leadership Certificate for Mid management is Preferred.Experience /strong>7-8 years experience in Cyber Security.Strong understanding of MSSP and MDR frameworks, threat detection methodologies, incident response, and SOC governance models (CREST SOC, SOC-CMM, and other SOC maturity standards).Proven experience leading security teams including interacting with external client teams and supporting operational protocols.SkillsMSSP experience is preferred.SOC Strategy & Maturity (SOC-CMM)Threat Detection & Incident ResponseSIEM & Security Tool UtilizationThreat Intelligence & HuntingVulnerability ManagementMITRE ATT&CK and MITRE D3FENDExperience with various automation platforms such as security orchestration and automated response (SOAR) tools.Familiarity with MITRE ATT&CK and MITRE D3FEND, ensuring effective mapping of adversary tactics, techniques, and mitigations within SOC operations.Experience in managing and optimizing SIEM, EDR/XDR, SOAR, and threat intelligence platforms.