Security Lead (MSSP)

Overview

Security Operations Leadership

• Lead and oversee day-to-day MSSP and Security Operations Center (SOC) activities.
• Manage and mentor security analysts, incident responders, and cybersecurity engineers.
• Act as the primary escalation point for critical security incidents and cyber threats.
• Ensure security monitoring services are delivered in accordance with agreed SLAs and KPIs.
• Drive operational excellence through continuous process improvements and automation initiatives.

Incident Response & Threat Management

• Lead the investigation, containment, eradication, and recovery of cybersecurity incidents.
• Coordinate major incident response activities with customers, stakeholders, and third-party vendors.
• Conduct root cause analysis and prepare incident reports with corrective actions.
• Oversee threat hunting activities and proactive threat detection initiatives.
• Ensure timely response to security alerts and escalation of critical events.

Security Monitoring & Engineering

• Manage SIEM, SOAR, EDR, NDR, IDS/IPS, email security, and vulnerability management platforms.
• Oversee security use case development, tuning, and optimization.
• Ensure effective log collection, correlation, monitoring, and threat detection across customer environments.
• Support deployment and enhancement of security technologies and controls.
• Review security architectures and recommend improvements to strengthen defenses.

Governance, Risk & Compliance

• Ensure alignment with ISO 27001, NIST Cybersecurity Framework, CIS Controls, and industry best practices.
• Lead security audits, compliance assessments, and risk management activities.
• Develop and maintain security policies, procedures, standards, and operational playbooks.
• Support customers in addressing compliance and regulatory requirements.
• Conduct security risk assessments and recommend mitigation strategies.

Customer & Stakeholder Management

• Serve as the primary security advisor for assigned customers.
• Present security posture reports, incident summaries, and improvement recommendations to management and customers.
• Conduct security review meetings and executive-level briefings.
• Collaborate with infrastructure, cloud, network, and application teams to address security risks.

Reporting & Metrics

• Define and monitor security KPIs and operational metrics.
• Produce executive dashboards, monthly service reports, and incident trend analysis.
• Track SLA compliance, incident response times, threat trends, and security maturity improvements.

Qualifications & Requirements

• Minimum 7 years of experience in cybersecurity, security operations, or managed security services.
• Minimum 2 years of experience in a Security Lead, SOC Lead, Incident Response Lead, or equivalent leadership role.
• Experience working within a Managed Security Service Provider (MSSP) environment is highly preferred.
• Proven experience managing enterprise security operations and customer-facing security services.
• Bachelor's Degree in Cybersecurity, Computer Science, Information Security, Information Technology, or a related field

Certifications

• CISSP (Certified Information Systems Security Professional) – Mandatory.
• CISM (Certified Information Security Manager) – Preferred.
• ISO 27001 Lead Auditor or Lead Implementer – Mandatory.
• Additional certifications such as CEH, GCIA, GCIH, SC-200, AZ-500, or equivalent are advantageous.

Technical Skills

• Strong knowledge of SOC operations, SIEM, SOAR, EDR, XDR, IDS/IPS, and threat intelligence platforms.
• Experience with Microsoft Sentinel, Splunk, QRadar, ArcSight, LogRhythm, or similar SIEM technologies.
• Strong understanding of incident response, digital forensics, malware analysis, and threat hunting.
• Experience with cloud security across Microsoft Azure, AWS, and Google Cloud environments.
• Knowledge of vulnerability management, security architecture, network security, and endpoint protection technologies.
• Familiarity with MITRE ATT&CK, NIST, ISO 27001, CIS Controls, and Zero Trust security principles.

Leadership Competencies

• Strong leadership and team management capabilities.
• Excellent stakeholder and customer management skills.
• Ability to lead major incident response activities under pressure.
• Strong analytical, problem-solving, and decision-making skills.
• Excellent communication and executive reporting abilities.
• Commitment to continuous improvement and cybersecurity excellence.