Cybersecurity SOC L3

Location

Job Type

Experience Level

Job Summary

Key Responsibilities

• Lead SOC operations with a focus on operational excellence, visibility, and responsiveness.
• Manage and mentor SOC analysts, fostering skill development and teamwork.
• Drive SOC optimization initiatives through process improvements, automation, and technology adoption.
• Build and execute a strategic SOC roadmap aligned with evolving threat landscapes and business goals.
• Guide the design and implementation of Agentic AI-powered SOC models for intelligent automation, detection, and response.
• Monitor and investigate security events using SIEM and EDR solutions like CrowdStrike, Elastic Defend, Splunk, Sentinel.
• Coordinate and lead high-impact incident response engagements including investigation, containment, and remediation.
• Perform & Mentor host/cloud forensic analysis to determine root cause, scope, and impact of incidents.
• Work cross-functionally with Threat Intel, Security Engineering, and DevOps teams to improve SOC efficacy.
• Generate detailed incident reports and contribute to continuous improvement through post-incident reviews.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• 8+ years of experience in SOC or security operations, with at least 1–2 years in a leadership or mentoring capacity.

Proven Expertise In

• Incident Handling, Response and Threat Containment
• SIEM (Elastic, Splunk, Sentinel) & EDR (CrowdStrike, Elastic Defend, Defender)
• MITRE ATT&CK, Windows/Linux internals, and network protocols
• SOC improvement through KPIs, coverage metrics, and quality assessments
• Designing or leading SOC transitions, assessments, and maturity models
• Certifications (At least one required)

·       GIAC Certified Forensic Analyst (GCFA)

• CISSP, CISM

Preferred Skills (Bonus)

• Experience deploying/optimizing SOAR platforms
• Hands-on scripting in Python or PowerShell for automation
• Exposure to Threat Hunting and Threat Intelligence
• Familiarity with AI/ML applications in Security Operations
• Red/Blue Team or Purple Team engagements
• Experience implementing security controls in cloud-native services (e.g., Azure Defender, GuardDuty)

Soft Skills

• Strong leadership, mentoring, and team-building abilities
• Strategic mindset with an ability to translate vision into execution
• Excellent analytical, communication, and documentation skills
• Calm under pressure and committed to operational resilience
• Passion for innovation and continuous learning