SOC Tech Lead

Job Title: SOC Team Lead (Splunk SIEM)

Location: Paris

Mission Length: 1 year initial contract

Job Overview: We are seeking an experienced and driven SOC (Security Operations Center) Team Lead to manage a team of 15 cybersecurity professionals. As the SOC Team Lead, you will be responsible for overseeing the day-to-day operations of the SOC, with a specific focus on leveraging Splunk SIEM to detect, analyze, and respond to security incidents. You will lead and mentor a team of analysts, ensuring the SOC is efficient, effective, and capable of mitigating security threats in a timely and professional manner.

Key Responsibilities:

Leadership & Management:

• Lead, supervise, and mentor a team of 15 SOC analysts, ensuring they meet performance objectives and maintain a high standard of security monitoring and incident response.
• Foster a positive and collaborative team culture, encouraging continuous learning and professional growth.
• Conduct regular one-on-one meetings with team members to provide feedback, set goals, and address any performance or developmental needs.
• Ensure the team is fully trained and capable of handling security incidents effectively.

Splunk SIEM Operations:

• Oversee the daily operation and optimization of Splunk SIEM to monitor, detect, and respond to security threats and incidents.
• Manage the configuration, customization, and fine-tuning of Splunk to ensure effective log analysis and correlation of security events.
• Develop, maintain, and continuously improve custom dashboards, reports, and alerts in Splunk to ensure timely and accurate detection of threats.

Incident Response & Threat Management:

• Lead the team in responding to security incidents, conducting thorough analysis, and coordinating appropriate remediation efforts.
• Work closely with other departments (e.g., IT, Network, Legal, Compliance) to investigate and resolve security issues.
• Identify emerging security threats and work with the team to adapt SOC monitoring processes to mitigate new risks.

Reporting & Documentation:

• Prepare and deliver regular reports on SOC activities, incidents, and metrics to senior management and stakeholders.
• Maintain clear, thorough documentation of security incidents, processes, procedures, and best practices for future reference.
• Track and report on KPIs and SLAs to measure SOC performance and ensure continuous improvement.

Strategy & Process Improvement:

• Collaborate with leadership to define and execute SOC strategies, ensuring the team is aligned with organizational goals and objectives.
• Identify opportunities for process improvements and automation to enhance efficiency and response time.
• Stay up-to-date on the latest cybersecurity trends and Splunk features to continually evolve SOC capabilities.

Collaboration & Cross-Functional Communication:

• Serve as a liaison between the SOC team and other departments, ensuring timely communication during security incidents or ongoing investigations.
• Build strong relationships with stakeholders to align security operations with business goals.
• Provide expertise and guidance on security best practices to non-technical teams.