MSS Operations Lead

cyberani solutions

Lead day-to-day SOC operations, ensuring service quality and SLA adherence across clients.

Provide L3 technical oversight for complex security events/incidents (triage, investigation, containment, eradication, and recovery) and ensure timely escalation and resolution.

Coordinate major incident management activities with Incident Response, Threat Intelligence, and Engineering teams, leading incident bridges and stakeholder communications.

Oversee shift operations, analyst scheduling, and workload prioritization; coach and mentor analysts to improve performance and investigation quality.

Define, maintain, and continuously improve SOC operational processes, escalation matrices, and playbooks/runbooks.

Review and approve incident reports, RCAs, and client deliverables; ensure accuracy, completeness, and actionable improvement items.

Lead periodic service review meetings with clients to present SOC performance, KPIs, and improvement actions; represent the SOC during audits and governance meetings.

Develop and track SOC KPIs/SLAs/SLOs, ensuring alignment with MSS objectives and driving continuous service improvement.

Support onboarding and client requirements (use-case validation, access readiness, operational acceptance) to ensure smooth service transition.

Support detection quality initiatives by validating alert logic, recommending tuning, and reducing false positives/MTTD/MTTR in coordination with engineering teams.

Assist in identifying, prioritizing, and coordinating the protection of critical cyber defense infrastructure and key resources.

Continuously assess SOC operations to ensure relevant processes and playbooks are followed and that policy requirements are met.

Ensure adherence to all published Cyberani CS policies, procedures, and playbooks by relevant teams and individuals.