SOC Technical Lead

Position: SOC Technical Lead

We are seeking a SOC Technical Lead who will serve as a technical mentor and strategic guide for the Security Operations Center. This role is focused on developing analyst capabilities, strengthening investigation quality, and driving consistent incident response practices. The ideal candidate will lead through guidance, coaching, and knowledge sharing, ensuring the SOC team operates with high efficiency and maturity.

Key Responsibilities

Act as a technical leader and mentor, guiding SOC analysts in effective triage, investigation, and response

Serve as the primary escalation point, providing direction on complex and high-severity incidents

Drive continuous learning and development within the SOC through structured training and hands-on coaching

Establish and promote best practices for incident investigation and response

Ensure analysts follow a consistent and high-quality approach to security event analysis

Conduct regular knowledge-sharing sessions, case reviews, and post-incident learning discussions

Guide the team in understanding attacker behavior, detection logic, and investigation techniques

Collaborate with Cyber Incident Response, Detection Engineering, and Threat Intelligence teams to enhance team knowledge and detection capabilities

Support and guide development of KQL queries, use cases, and detection rules

Provide direction on automation strategies using XSOAR and Sentinel

Monitor SOC performance and guide improvements to meet SLA, MTTD, and MTTR targets

Provide insights and recommendations to leadership on SOC maturity and improvements

Technical Skills Required

Microsoft Sentinel (SIEM)

XSOAR (SOAR)

Microsoft Defender Suite

KQL (Kusto Query Language)

MITRE ATT&CK Framework

Azure AD / Entra ID

Windows/Linux logs and authentication

Networking (TCP/IP, DNS, VPN)

Incident response lifecycle and threat hunting

Preferred Qualifications

Certifications: SC-200 / AZ-500 / Security+ / CEH

Experience in threat intelligence and IOC analysis

Exposure to cloud security (Azure/AWS/GCP)

Soft Skills

Strong mentorship and coaching mindset

Excellent analytical and problem-solving skills

Ability to guide teams in high-pressure situations

Clear and effective communication skills

Focus on continuous improvement and team development