Security Operations Center (SOC) Lead

Skills: Cyber Security

Experience Required: 8-10

• Seeking an experienced Onsite SOC Lead to lead day to day Security Operations and Incident Response for a critical energy environment.
  
• This role will be the primary onsite security leader responsible for operational execution| incident management| stakeholder communication| and continuous improvement of SOC maturity.
  
• The SOC Lead will play a key role in clients transition to a scalable| platform led SOC model with strong automation| analytics| and executive visibility.
  

Key Responsibilities:

SOC Operations and Leadership:

Lead onsite Security Operations Center activities on a daily basis Own Tier 1 through Tier 3 incident triage| investigation| and containment coordination Ensure continuous twenty four by seven monitoring aligned to agreed SLAs Drive reduction in Mean Time to Detect and Mean Time to Respond Act as the primary onsite point of contact for security operations

Incident Management:

Manage end to end incident lifecycle including escalation and resolution Lead coordination with IT| infrastructure| and application teams during incidents Provide clear and timely communication to business and executive stakeholders Conduct post incident reviews and root cause analysis

Platform and Technology Oversight:

Lead operations on the Sentinel SecOps platform Oversee log ingestion| correlation| enrichment| and analytics across IT environments Ensure effective use of SOAR playbooks and automation for response Validate and tune detection use cases aligned to energy sector threats Support roadmap planning for OT and ICS log onboarding

Threat Intelligence and Proactive Defense:

Integrate threat intelligence into detection and response workflows Enable proactive threat hunting aligned to energy sector risks Leverage AI and analytics assisted triage and investigation workflows

Governance and Reporting:

Produce operational metrics| dashboards| and monthly reporting Track alert volumes| incident trends| and platform performance Support SOC governance and continuous improvement initiatives

Required Experience:

Proven experience leading SOC operations in enterprise or critical infrastructure environments Strong hands on experience with SIEM platforms such as Sentinel| Chronicle| or equivalent Experience with incident response| threat detection| and SOC workflows Strong understanding of SOAR and security automation Excellent communication and stakeholder management skills Ability to work onsite and lead during high pressure incident scenarios

Preferred Experience:

Experience supporting energy| utilities| or industrial environments Exposure to OT or ICS security monitoring concepts Experience working with CISO level stakeholders Familiarity with hybrid IT and cloud security monitoring

Success Criteria:

Stable and reliable SOC operations

Improved detection and response timelines Successful adoption of platform led SOC operations Positive stakeholder engagement