SOC Shift Lead

The SOC Shift Lead will be responsible for leading shift operations, managing escalated security incidents, and ensuring timely, accurate incident resolution within defined SLAs. The role requires strong technical expertise in SIEM, incident response leadership, and collaboration with cross-functional teams to enhance detection, automation, and operational efficiency.

Requirements

Key Responsibilities

• Conduct deep-dive analysis of SIEM alerts escalated by Senior Engineers and ensure final closure of incidents within SLA.
• Correlate data from multiple log sources to gain holistic threat visibility and ensure accurate incident resolution.
• Act as Shift Lead, ensuring effective handovers, task delegation, and gap-free SOC operations.
• Participate in use-case tuning (production and testing) and provide enhancement recommendations based on BAU findings.
• Collaborate in playbook design workshops with SOAR teams; provide scenario-based testing and automation recommendations.
• Work closely with developers during requirement-gathering sessions for automation and orchestration needs.
• Prepare, review, and maintain documentation including RCA reports, Incident Response Checklists (IRC), and escalation matrices.
• Ensure audit readiness by preparing submissions for internal/external, regulatory, and non-regulatory audits.
• Raise improvement recommendations with the Content Management Team to reduce false positives and improve detection accuracy.
• Provide support during major security incidents, including investigation and root cause analysis (RCA).
• Ensure compliance with MTTR (Mean Time to Resolve) metrics and maintain correctness and completeness of alert closures.

Required Skills & Qualifications

• Strong experience in SOC operations, SIEM monitoring, and incident response.
• Hands-on expertise in alert analysis, threat correlation, and escalation management.
• Experience working with SOAR platforms, automation workflows, and playbooks.
• Solid understanding of security frameworks, audit requirements, and compliance standards.
• Proven ability to lead shifts, manage workloads, and coordinate across teams.
• Excellent documentation, communication, and stakeholder-management skills.

Preferred Qualifications

• Experience in 24x7 SOC environments.
• Exposure to regulatory and compliance audits.
• Strong analytical and problem-solving mindset.