Security Operations Center (SOC) Lead (Tier III) in India at Jobgether
Explore Related Opportunities
Job Description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Security Operations Center (SOC) Lead (Tier III) based in India.
As a Security Operations Center (SOC) Lead (Tier III), you will play a critical role in safeguarding global technology environments by leading advanced threat detection, incident response, and security operations initiatives. This position combines deep technical expertise with leadership responsibilities, offering the opportunity to mentor security analysts and drive strategic cybersecurity improvements. You will work in a highly collaborative and remote environment, partnering with incident response teams, infrastructure specialists, and security engineers to address complex cyber threats across diverse operating systems and enterprise environments. The role is ideal for an experienced cybersecurity professional who thrives in high-pressure situations, enjoys solving sophisticated security challenges, and is passionate about building resilient and proactive security operations capabilities.
- Lead, mentor, and develop junior and mid-level SOC analysts, fostering technical growth, knowledge sharing, and operational excellence.
- Act as the primary escalation point for high-priority and critical security incidents, driving investigations through to resolution.
- Oversee and enhance proactive threat hunting initiatives and detection engineering programs across enterprise environments.
- Monitor, triage, and investigate security alerts originating from SIEM, EDR, and other security monitoring platforms.
- Design, implement, and optimize advanced detection rules and threat monitoring strategies across Mac, Linux, and Windows environments.
- Conduct in-depth investigations related to malware, phishing campaigns, advanced persistent threats (APTs), and other sophisticated attack vectors.
- Perform proactive threat intelligence analysis and leverage OSINT sources to improve organizational security posture.
- Collaborate closely with Incident Response teams to escalate confirmed threats and coordinate remediation efforts.
- Develop clear documentation, incident reports, and actionable recommendations to strengthen security controls and operational processes.
- Partner with cross-functional IT and infrastructure teams to identify vulnerabilities, improve security frameworks, and support enterprise security initiatives.
- Participate in on-call rotations and ensure continuous SOC coverage in a 24x7 operational environment.
- Contribute to the development of security roadmaps, operational playbooks, and automation initiatives to improve efficiency and response capabilities.
- 6–8+ years of experience within Security Operations Centers (SOC), including significant exposure to advanced incident response and technical leadership responsibilities.
- Proven experience leading and mentoring security teams in high-volume and fast-paced operational environments.
- Strong hands-on expertise with Endpoint Detection and Response (EDR) platforms, particularly CrowdStrike or equivalent technologies.
- Demonstrated experience developing and optimizing threat detection logic using CrowdStrike Query Language (CQL) or similar query languages.
- Extensive experience triaging security alerts and managing complex incidents across enterprise environments.
- Strong understanding of cybersecurity principles, threat landscapes, attack methodologies, and incident response frameworks.
- Proficiency in analyzing logs, network traffic, endpoint telemetry, and forensic artifacts across Mac, Linux, and Windows systems.
- Experience utilizing threat intelligence platforms, OSINT tools, and forensic methodologies to support investigations and threat hunting activities.
- Strong analytical, problem-solving, and decision-making skills, with the ability to remain effective under pressure.
- Excellent communication and documentation skills, with the ability to clearly articulate technical findings and remediation recommendations.
- Self-driven and proactive mindset with a demonstrated commitment to continuous learning and professional development.
- Experience leading large-scale security transformation projects and contributing to strategic cybersecurity roadmaps.
- Knowledge of scripting languages such as Python for automation and workflow optimization.
- Experience developing automation workflows and playbooks using SOAR platforms, including CrowdStrike Fusion SOAR or similar technologies.
- Familiarity with cloud security concepts and environments, including AWS, Microsoft Azure, and Google Cloud Platform (GCP).
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related discipline, or equivalent professional experience.
- Relevant cybersecurity certifications are considered advantageous.
- Opportunity to lead advanced cybersecurity initiatives within a globally distributed and highly technical environment.
- Exposure to cutting-edge security technologies, threat intelligence capabilities, and enterprise-scale infrastructures.
- Collaborative and engineering-driven culture that values innovation, technical excellence, and continuous improvement.
- Significant ownership and influence over security operations strategies and detection engineering initiatives.
- Career development opportunities through mentorship, cross-functional collaboration, and exposure to complex cybersecurity challenges.
- Flexible remote work environment with global team interaction and knowledge-sharing opportunities.
- Supportive and inclusive workplace culture that encourages professional growth and continuous learning.
- Competitive compensation package aligned with experience and technical expertise.