Chai Waale

13 hours ago


Mumbai, India Chai Waale Full time

Description: The SOC Lead will oversee 24/7 SOC operations, guide SOC analysts, drive threat detection and response maturity, and serve as a senior escalation and advisory point for clients. This role requires strong leadership, SIEM expertise, client handling skills, and the ability to manage complex cybersecurity incidents.

Key Responsibilities:

SOC Operations & Team Leadership:
- Lead and mentor SOC analysts (Trainee/L1/L2), ensuring quality incident monitoring and response.
- Manage SOC shift rosters and ensure uninterrupted 24/7 coverage.
- Review alerts, incident cases, and analyst performance metrics.
- Drive skill development and continuous improvement across the SOC team.

Incident Response & Escalation Management:
- Lead critical incident response activities and escalation handling.
- Conduct RCA, impact analysis, and post-incident reviews.
- Document incidents and prepare client-facing incident reports.

Threat Detection & Continuous Improvement:
- Support and enhance SIEM detection logic and use case development.
- Identify detection gaps and recommend improvements in telemetry and correlation.
- Work with engineering and DevSecOps teams for SIEM/EDR/SOAR enhancements.
- Track emerging threats and drive threat hunting initiatives.

Client Management & Communication:
- Act as the primary escalation point and interface for clients.
- Provide clear technical-to-business communication on incidents and risks.
- Deliver periodic SOC performance reviews, incident summaries, and intelligence briefings.

Qualifications & Requirements:
- 3+ years of SOC/IR experience (including 2+ years in an L2/L3 role).
- Strong hands-on experience with SIEM, EDR, TI tools, and SOAR platforms.
- Strong understanding of Windows, Linux, and network security fundamentals.
- Cloud knowledge across Microsoft Azure, AWS, and GCP.
- Team leadership or mentoring experience in a SOC setup.
- Excellent communication, analytical thinking, and stakeholder coordination.

(ref:hirist.tech)