Overview
Senior Tier-2/3 SOC lead to own complex investigations, run a small analyst team, and translate incident impact into business terms for senior stakeholders.
Key responsibilities
* Triage, investigate and resolve true-positive incidents end-to-end.
* Lead and manage a small SOC analyst team (rostering, mentoring, performance feedback).
* Act as the senior escalation point and lead incident response for Tier-2/3 events.
* Produce clear incident summaries and brief senior stakeholders and business owners.
* Maintain and improve SOC runbooks, playbooks and triage guides.
* Drive detection tuning and use-case development; participate in post-incident reviews and lessons learned.
Must have
* 5+ years SOC/IR experience with demonstrable true-positive case handling end-to-end.
* Proven team lead experience (mentoring, shift coordination, performance management).
* Strong communication skills and ability to explain technical incidents in business terms.
Nice to have
* Experience in regulated or financial services environments.
* Familiarity with EDR, SIEM and SOAR platforms (e.g., Sentinel, Splunk, CrowdStrike).
* Experience improving SOC KPIs (MTTR, false-positive rate, detection coverage).