The Lead, Security Operations Center is responsible for managing the SOC's operations, ensuring continuous security monitoring, incident response, digital forensics, and threat intelligence integration. This role involves leading a team of cybersecurity analysts, coordinating responses to security incidents, and enhancing the organization's security posture. The SOC Lead ensures that the organization is prepared to detect, analyze, and respond to cyber threats effectively.

1. SOC Operations Management

• Oversee the daily operations of the SOC, ensuring 24/7 monitoring and timely response to security events.
• Develop and maintain SOC processes, procedures, and playbooks to ensure efficient operations.
• Ensure that the SOC team is equipped with the necessary tools, technologies, and resources.

2. Incident Response Coordination

• Lead and coordinate the organization's incident response activities, ensuring swift identification, containment, eradication, and recovery from security incidents.
• Develop, implement, and regularly test incident response plans and playbooks.
• Provide timely incident reporting and escalation to the Info Sec Head and relevant stakeholders.

3. Digital Forensics and Investigation

• Oversee digital forensic investigations to support incident response and legal/regulatory requirements.
• Ensure proper collection, preservation, and analysis of digital evidence in line with legal standards.
• Deliver detailed forensic reports and recommend security improvements based on investigation findings.

4. Threat Intelligence Integration

• Integrate threat intelligence into SOC operations to enhance detection and response capabilities.
• Monitor and analyze threat intelligence feeds to anticipate and mitigate potential threats.
• Establish and maintain relationships with external threat intelligence providers and industry peers.

5. Security Monitoring and Analysis

• Ensure continuous monitoring of networks, systems, and applications for signs of suspicious activity.
• Lead the configuration and optimization of security monitoring tools, including SIEM/SOAR systems and IDS/IPS.
• Oversee the analysis of security alerts and events to identify and assess potential threats.

6. Team Leadership and Development

• Manage and mentor a team of cybersecurity analysts, providing guidance, training, and performance evaluations.
• Foster a collaborative and high-performance culture within the SOC team.
• Identify skill gaps within the team and implement training and development initiatives.

7. Collaboration and Communication

• Collaborate with technology groups, network, and other departments to ensure alignment of SOC operations with business objectives.
• Communicate SOC activities, incident status, and security risks to the Info Sec Head and other senior management.
• Coordinate with external partners, including law enforcement and third-party vendors, as necessary.

8. Continuous Improvement

• Continuously evaluate and improve SOC processes, tools, and technologies to enhance the organization's security posture.
• Conduct regular SOC exercises and simulations to test and refine incident response capabilities.
• Stay informed of the latest cybersecurity trends, threats, and technologies to ensure the SOC remains effective and up-to-date.

9. Compliance and Reporting

• Ensure SOC activities comply with relevant regulations, standards, and policies.
• Maintain detailed records of security incidents, investigations, and responses.
• Provide regular reports to the Info Sec Head on SOC performance, incidents, and overall security posture.

10. Crisis Management

• Act as the primary point of contact for security-related crises, ensuring a coordinated and effective response.
• Support broader organizational crisis management efforts during major security incidents.
• Implement lessons learned from past incidents to strengthen future response strategies.

11. Other Roles and Responsibilities that may be assigned from time to time

Requirements

• Bachelor’s degree in Information Security, Computer Science, or a related field; Cyber/Info Sec Certified preferred.
• Extensive experience in SOC operations, incident response, digital forensics, and threat intelligence.
• Strong knowledge of security monitoring tools, incident response frameworks, and threat intelligence platforms.
• Proven experience leading and managing a team of cybersecurity analysts. - Excellent problem-solving, analytical, and decision-making skills.
• Strong communication and leadership abilities

Benefits
Gov't Mandatory.
Others will be discuss