SOC Team Leader
Niceone
Employer Active
Posted 6 hrs ago
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
- Lead, mentor, and develop a team of SOC analysts across shifts, ensuring coverage, capability growth, and consistent application of playbooks and detection procedures.
- Oversee day-to-day SOC operations including monitoring alerts, triage, investigation, escalation, and incident response in accordance with defined SLAs and incident classification.
- Manage and coordinate response to security incidents, including containment, eradication, recovery activities, root cause analysis, and post-incident reporting and remediation tracking.
- Maintain and improve SOC detection capabilities by tuning SIEM rules, integrating telemetry sources, validating alerts, and optimizing use of EDR, network detection, cloud security, and threat intelligence tools.
- Drive proactive threat hunting and use threat intelligence to identify emerging risks, attacker behaviors, and gaps in coverage; translate findings into detection and prevention improvements.
- Develop, update, and enforce SOC processes, runbooks, escalation paths, and playbooks to ensure repeatable, auditable incident handling and continuous improvement.
- Coordinate with IT, engineering, risk, compliance, and business teams to communicate incidents, support investigations, and implement mitigation and remediation actions.
- Produce timely and actionable operational and executive reports on SOC performance, metrics (MTTR, MTTD, alert volumes, false positive rates), and incident trends to stakeholders.
- Manage vendor relationships and integrations for managed detection and response (MDR), threat intelligence, and security tooling; evaluate and onboard solutions to improve SOC effectiveness.
- Ensure SOC operations comply with applicable policies, regulatory requirements, and internal security standards; participate in audits and readiness activities when required.
Desired Candidate Profile
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.
- 5+ years of experience in security operations, incident response, or a related cybersecurity role, with at least 2 years in a supervisory or team lead capacity.
- Hands-on experience with SIEM (e.g., Splunk, Elastic, QRadar), EDR platforms, network detection tools, and common security telemetry sources.
- Strong incident response, digital forensics, and threat-hunting skills with familiarity across on-premises, cloud (AWS/Azure/GCP), and hybrid environments.
- Professional certifications such as GCIA, GCIH, CISSP, CISM, or equivalent are preferred.
- Professional proficiency in English is required; proficiency in Arabic is a plus depending on location.
- Legal right to work in the hiring country and availability to support rotating shifts, on-call duties, and incident response outside business hours as needed.
Required Skills:
- Strong leadership and people-management skills with the ability to coach analysts, manage performance, and foster a collaborative, learning-focused team culture.
- Excellent analytical and problem-solving skills with the ability to prioritize under pressure and make timely, evidence-based decisions during incidents.
- Solid technical knowledge of common attack techniques, log sources, networking, operating systems, and cloud services to guide investigations and tune detections.
- Effective communication skills to translate technical findings into clear recommendations for technical and non-technical stakeholders, and to prepare executive summaries.
- Process-oriented mindset with attention to detail for maintaining runbooks, documentation, and SOC metrics; experience improving operational workflows and automation.
- Ability to work collaboratively across a matrixed organization and adapt to changing priorities in a fast-paced security environment.
Company Industry
- Retail
Department / Functional Area
- IT Software
Keywords
- SOC Team Leader
Niceone
Join Niceone as a SOC Team Leader. In this security-focused role you will lead the Security Operations Center (SOC) team to detect, investigate, and respond to cybersecurity incidents while improving monitoring, processes, and tool effectiveness. The role emphasizes operational leadership, incident management, threat hunting and intelligence, cross-functional coordination with IT and risk teams, and continuous improvement to reduce risk, improve detection, and ensure timely, compliant incident handling.