hirist

Job Description

SOC Lead Engineer

Location : Bangalore

Job Summary :

The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24/7 monitoring, detection, analysis, and response to security threats.

This role involves managing incident response processes, optimising security tools, and leading a team of security analysts to protect the organisation's assets from cyber threats.

Key Responsibilities :

SOC Operations Management :

- Lead and manage the day-to-day operations of the Security Operations Center.

- Oversee threat monitoring, detection, analysis, and incident response activities.

- Ensure efficient triage, investigation, and remediation of security incidents.

- Develop and enforce security policies, procedures, and best practices.

- Monitor security dashboards and logs to identify potential threats.

Incident Response & Threat Management :

- Lead the investigation and resolution of security incidents.

- Develop and implement incident response playbooks.

- Conduct root cause analysis and recommend improvements.

- Collaborate with internal teams and external partners on threat intelligence sharing.

- Perform post-incident reviews to enhance response effectiveness.

- Work closely with the infrastructure security team for threat mitigation.

Security Tools & Technology Optimization :

- Manage and optimize SOC tools including SIEM, EDR, IDS/IPS, and threat intelligence platforms.

- Work with IT teams to improve security logging, correlation, and automation.

- Ensure timely updates and patching of security tools and systems.

- Evaluate and recommend new security technologies.

Team Leadership & Development :

- Supervise and mentor SOC analysts, providing guidance and technical expertise.

- Conduct regular training and upskilling sessions for SOC personnel.

- Define and track key performance indicators (KPIs) for SOC performance.

- Foster a culture of continuous improvement and cybersecurity awareness.

Compliance & Risk Management :

- Ensure compliance with applicable security frameworks, standards, and regulations such as NIST CSF, ISO 27001, PCI DSS, and GDPR.

- Conduct security risk assessments and gap analysis.

- Maintain documentation and reporting for audits and compliance requirements.

- Work with the risk management team to develop mitigation strategies.

Required Qualifications & Skills :

Technical Skills :
- Strong knowledge of cybersecurity frameworks and best practices.

- Hands-on experience with SIEM (e.g., Wazuh, Splunk, QRadar), EDR/XDR, IDS/IPS, and firewall technologies.

- Proficiency in incident response, threat hunting, and forensic analysis.

- Familiarity with scripting and automation (Python, PowerShell, etc.).

- Experience with cloud security (AWS, Azure, GCP) is a plus.

Soft Skills :

- Strong leadership and team management abilities.

- Excellent problem-solving and analytical skills.

- Effective communication and reporting skills.

- Ability to work under pressure in a fast-paced environment.

Education & Experience :

- Bachelor's degree in Computer Science, Cybersecurity, or a related field.

- 5+ years of experience in cybersecurity, with at least 2 years in a SOC lead role.

- Industry certifications such as CISSP, CISM, CEH, GCIH, or equivalent preferred.

Work Schedule & Additional Information :

- Availability for on-call support as needed.

- Shift flexibility to support a 24/7 SOC environment.

- Occasional travel for training, conferences, or incident response coordination.
