SOC Lead Engineer
Location : Bangalore
Job Summary :
The SOC Lead Engineer is responsible for overseeing the Security Operations Center team, ensuring 24 / 7 monitoring, detection, analysis, and response to security threats.
This role involves managing incident response processes, optimising security tools, and leading a team of security analysts to protect the organisation's assets from cyber threats.
Key Responsibilities :
SOC Operations Management :
- Lead and manage the day-to-day operations of the Security Operations Center.
- Oversee threat monitoring, detection, analysis, and incident response activities.
- Ensure efficient triage, investigation, and remediation of security incidents.
- Develop and enforce security policies, procedures, and best practices.
- Monitor security dashboards and logs to identify potential threats.
Incident Response & Threat Management :
- Lead the investigation and resolution of security incidents.
- Develop and implement incident response playbooks.
- Conduct root cause analysis and recommend improvements.
- Collaborate with internal teams and external partners on threat intelligence sharing.
- Perform post-incident reviews to enhance response effectiveness.
- Work closely with the infrastructure security team for threat mitigation.
Security Tools & Technology Optimization :
- Manage and optimize SOC tools including SIEM, EDR, IDS / IPS, and threat intelligence platforms.
- Work with IT teams to improve security logging, correlation, and automation.
- Ensure timely updates and patching of security tools and systems.
- Evaluate and recommend new security technologies.
Team Leadership & Development :
- Supervise and mentor SOC analysts, providing guidance and technical expertise.
- Conduct regular training and upskilling sessions for SOC personnel.
- Define and track key performance indicators (KPIs) for SOC performance.
- Foster a culture of continuous improvement and cybersecurity awareness.
Compliance & Risk Management :
- Ensure compliance with industry regulations and standards such as NIST, ISO 27001, PCI-DSS, GDPR, etc.
- Conduct security risk assessments and gap analysis.
- Maintain documentation and reporting for audits and compliance requirements.
- Work with the risk management team to develop mitigation strategies.
Required Qualifications & Skills :
Technical Skills :
- Strong knowledge of cybersecurity frameworks and best practices.
- Hands-on experience with SIEM (e.g., Wazuh, Splunk, QRadar), EDR / XDR, IDS / IPS, and firewall technologies.
- Proficiency in incident response, threat hunting, and forensic analysis.
- Familiarity with scripting and automation (Python, PowerShell, etc.).
- Experience with cloud security (AWS, Azure, GCP) is a plus.
Soft Skills :
- Strong leadership and team management abilities.
- Excellent problem-solving and analytical skills.
- Effective communication and reporting skills.
- Ability to work under pressure in a fast-paced environment.
Education & Experience :
- Bachelor's degree in Computer Science, Cybersecurity, or a related field.
- 5+ years of experience in cybersecurity, with at least 2 years in a SOC lead role.
- Industry certifications such as CISSP, CISM, CEH, GCIH, or equivalent preferred.
Work Schedule & Additional Information :
- Availability for on-call support as needed.
- Shift flexibility to support a 24 / 7 SOC environment.
- Occasional travel for training, conferences, or incident response coordination.
(ref : hirist.tech)