SOC Lead Engineer

SOC Lead Engineer

Location : Bangalore

Experience : 8- 15 YRS

Job Summary

The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24 / 7 monitoring, detection, analysis, and response to security threats.

This role involves managing incident response processes, optimising security tools, and leading a team of security analysts to protect the organisation’s assets from cyber threats.

Key Responsibilities

1. SOC Operations Management

Lead and manage the day-to-day operations of the Security Operations Center.

Oversee threat monitoring, detection, analysis, and incident response activities.

Ensure efficient triage, investigation, and remediation of security incidents.

Develop and enforce security policies, procedures, and best practices.

Monitor security dashboards and logs to identify potential threats.

2. Incident Response & Threat Management

Lead the investigation and resolution of security incidents.

Develop and implement incident response playbooks.

Conduct root cause analysis and recommend improvements.

Collaborate with internal teams and external partners on threat intelligence sharing.

Perform post-incident reviews to enhance response effectiveness.

Work closely with the infrastructure security team for threat mitigation.

3. Security Tools & Technology Optimization

Manage and optimize SOC tools including SIEM, EDR, IDS / IPS, and threat intelligence platforms.

Work with IT teams to improve security logging, correlation, and automation.

Ensure timely updates and patching of security tools and systems.

Evaluate and recommend new security technologies.

4. Team Leadership & Development

Supervise and mentor SOC analysts, providing guidance and technical expertise.

Conduct regular training and upskilling sessions for SOC personnel.

Define and track key performance indicators (KPIs) for SOC performance.

Foster a culture of continuous improvement and cybersecurity awareness.

5. Compliance & Risk Management

Ensure compliance with industry regulations such as NIST, ISO 27001, PCI-DSS, GDPR, etc.

Conduct security risk assessments and gap analysis.

Maintain documentation and reporting for audits and compliance requirements.

Work with the risk management team to develop mitigation strategies.

Required Qualifications & Skills

Technical Skills

Strong knowledge of cybersecurity frameworks and best practices.

Hands-on experience with SIEM (e.g., Wazuh, Splunk, QRadar), EDR / XDR, IDS / IPS, and firewall technologies.

Proficiency in incident response, threat hunting, and forensic analysis.

Familiarity with scripting and automation (Python, PowerShell, etc.).

Experience with cloud security (AWS, Azure, GCP) is a plus.

Soft Skills

Strong leadership and team management abilities.

Excellent problem-solving and analytical skills.

Effective communication and reporting skills.

Ability to work under pressure in a fast-paced environment.

Education & Experience

Bachelor’s degree in Computer Science, Cybersecurity, or a related field.

5+ years of experience in cybersecurity, with at least 2 years in a SOC lead role.

Industry certifications such as CISSP, CISM, CEH, GCIH, or equivalent preferred.

Work Schedule & Additional Information

Availability for on-call support as needed.

Shift flexibility to support a 24 / 7 SOC environment.

Occasional travel for training, conferences, or incident response coordination