- Company Name: interactive investor
- Job Title: Security Operations Team Lead
- Job Description:
Job title: Security Operations Team Lead
Role Summary
Lead and manage the internal Security Operations team, overseeing SIEM and EDR platforms, incident response, threat intelligence, and security monitoring to protect key business assets and maintain compliance.
Expectations
- 5+ years of cybersecurity experience, with a proven track record in incident response and security operations.
- Demonstrated leadership of a SecOps team and ability to implement and manage a strategy around SIEM and EDR solutions.
- In-depth knowledge of network, endpoint, cloud, and OS security, including firewalls, IDS/IPS, Windows event logs, and the MITRE ATT&CK framework.
Key Responsibilities
- Manage day‑to‑day operations of the internal SecOps team and coordinate with the external SOC for SIEM oversight.
- Own the incident response process: investigate, contain, remediate, and conduct lessons‑learned reviews.
- Monitor the security landscape, analyze reports, identify trends, and coordinate remediation.
- Lead threat intelligence, detection, and proactive hunting initiatives across networks and systems.
- Maintain EDR agents, create exception rules, and respond to alerts.
- Direct the team during incidents, ensuring timely escalation and clear communication to stakeholders.
Required Skills
- Advanced analytical, troubleshooting, and problem‑solving abilities.
- Strong communication skills to articulate complex security concepts to non‑technical audiences.
- Proficiency with SIEM tools (e.g., Google Chronicle) and familiarity with the MITRE ATT&CK framework.
- Ability to identify control weaknesses, vulnerabilities, and potential malware attacks.
- Calm under pressure, detail‑oriented, and capable of making sound decisions quickly.
Required Education & Certifications
- Bachelor's degree in IT, Cybersecurity, or related field (preferred).
- Industry‑recognized cybersecurity qualification, such as CISSP, CISM, GCIH, or equivalent.