SOC Team Lead
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
ITHR seeks a SOC Team Lead to lead a team of SOC analysts (L1/L2/L3) in the UAE, overseeing threat detection, incident response, and continuous improvement of security operations.
Key Skills for This Role
Responsibilities
- Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts, owning shift coverage, performance management, and professional growth
- Serve as primary escalation point for high severity and complex incidents across monitored customer environments
- Conduct and oversee threat detection, alert triage, investigation, and incident response activities
- Lead threat hunting initiatives to identify indicators of compromise, attacker persistence mechanisms, lateral movement, and emerging threats
- Own and continuously improve SIEM correlation rules, detection logic, use cases, and alert tuning
- Develop, maintain, and enforce incident response playbooks, operational runbooks, and escalation procedures
- Produce and review customer facing incident reports, security advisories, executive summaries, and monthly service reports
- Manage SLA adherence across detection, triage, escalation, containment, and response activities
- Collaborate with DFIR teams on post incident reviews and lessons learned
- Coordinate with customers and internal delivery teams during active incidents
- Support customer onboarding activities including log source integration, use case development, and baseline establishment
- Stay current with threat landscape and translate insights into actionable improvements
Requirements
- 5 8 years of experience in security operations, with at least 2 years in a senior analyst or team lead capacity
- Proven hands on experience with SIEM platforms including rule development, log integration, alert tuning, investigation workflows, and detection engineering
- Experience with Microsoft Sentinel, Splunk, IBM QRadar, or similar enterprise SIEM technologies
- Strong practical understanding of incident response methodologies including triage, containment, eradication, recovery, and post incident activities
- Deep understanding of attacker TTPs and strong familiarity with MITRE ATT&CK framework
- Hands on experience with endpoint detection and response technologies such as CrowdStrike, SentinelOne, Microsoft Defender, or equivalent
- Experience with network security monitoring, IDS/IPS technologies, firewall investigations, and anomaly detection techniques
- Strong reporting and communication capabilities, including production of executive ready incident reports
- Demonstrated ability to lead, coach, and develop analysts within a shift based operational environment
- At least one of CISSP, GCIH, GCFA, or ISO/IEC 27001 Lead Implementer or Lead Auditor certification
Full Job Posting
Role Overview
- The SOC Team Lead is a senior hands on role responsible for day to day leadership of the ITHR Security Operations team.
- You will oversee a team of SOC analysts (L1/L2/L3), own quality of detection and response, and serve as primary escalation point for significant incidents.
- This role combines technical depth with people leadership and operational excellence.
Key Responsibilities
- Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts.
- Serve as primary escalation point for high severity and complex incidents.
- Conduct and oversee threat detection, alert triage, investigation, and incident response.
- Lead threat hunting initiatives.
- Own and continuously improve SIEM correlation rules, detection logic, use cases, and alert tuning.
- Develop, maintain, and enforce incident response playbooks and escalation procedures.
- Produce and review customer facing incident reports and executive summaries.
- Manage SLA adherence across detection, triage, escalation, containment, and response.
- Collaborate with DFIR teams on post incident reviews.
- Coordinate with customers and internal teams during active incidents.
- Support customer onboarding activities.
- Stay current with threat landscape and translate insights into improvements.
Required Qualifications (Must Have)
- 5 8 years of experience in security operations, with at least 2 years in a senior analyst or team lead capacity.
- Proven hands on experience with SIEM platforms including rule development, log integration, alert tuning, investigation workflows, and detection engineering.
- Experience with Microsoft Sentinel, Splunk, IBM QRadar, or similar enterprise SIEM technologies.
- Strong practical understanding of incident response methodologies.
- Deep understanding of attacker TTPs and strong familiarity with MITRE ATT&CK framework.
- Hands on experience with endpoint detection and response technologies such as CrowdStrike, SentinelOne, Microsoft Defender, or equivalent.
- Experience with network security monitoring, IDS/IPS technologies, firewall investigations, and anomaly detection.
- Strong reporting and communication capabilities.
- Demonstrated ability to lead, coach, and develop analysts.
- At least one of CISSP, GCIH, GCFA, or ISO/IEC 27001 Lead Implementer or Lead Auditor certification.
Preferred Qualifications (Nice to Have)
- Experience within a Managed SOC or MSSP environment.
- Experience with SOAR platforms including Microsoft Sentinel SOAR, Palo Alto XSOAR, Splunk SOAR, or equivalent.
- Familiarity with cloud security monitoring including Azure, AWS, and GCP.
- Exposure to DFIR methodologies including memory analysis, disk forensics, malware triage.
- Understanding of OT and ICS monitoring concepts.
- Prior experience delivering managed security services within UAE or Middle East.
- Familiarity with regional frameworks including UAE IA, NESA, SAMA.
- Scripting capabilities using Python, PowerShell, or KQL.
Soft Skills & Professional Attributes
- Calm and decisive under pressure with ability to lead teams through high severity incidents.
- Strong written and verbal communication skills.
- Detail oriented while maintaining visibility of broader objectives.
- Natural mentor who contributes to analyst growth.
- Continuous improvement mindset.
- Operates with integrity, professionalism, and discretion.
What We Offer
- Competitive Compensation aligned with experience and regional benchmarks.
- Training & Certification Budget.
- Hands on Technical Exposure across diverse customer portfolio.
- Influence over SOC strategy, tooling decisions, and operational processes.
- Clear Growth Path into SOC Manager, Head of SOC, or DFIR leadership roles.
- Collaborative technology focused team culture.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Qode
GRC Specialist - UAE National
Dubai, UAE
Qode is seeking a GRC Specialist to support governance, risk, and compliance functions in banking and financial services. The role involves risk assessments, policy management, audit coordination, and regulatory complian
Senior SOC Analyst
Dubai, UAE
ITHR Technologies is seeking a Senior SOC Analyst to join their Managed Security Services team in the UAE. The role involves L3-level alert investigation, incident response, threat hunting, and SIEM tuning in a multi-cus
Senior SOC Analyst
Abu Dhabi, UAE
ITHR Technologies is seeking a Senior SOC Analyst for their Managed Security Services team. The role involves L3-level alert investigation, incident response, threat hunting, and SIEM tuning in a multi-customer MSSP envi
Network Security Engineer
Dubai, UAE
ITHR is seeking an experienced Network Security Engineer for a hands-on role spanning the full project lifecycle. You will design, deploy, and configure next-generation firewalls, develop PoC environments, and produce cu
SOC Team Lead
, UAE
ITHR is seeking a technically strong and operationally experienced SOC Team Lead to lead a team of SOC analysts, oversee threat detection and incident response, and drive continuous improvements in detection engineering
Network Security Engineer
Abu Dhabi, UAE
ITHR seeks a Network Security Engineer for hands-on delivery of enterprise network security solutions including NGFW, VPN, and SASE. Requires 4-8 years of network security experience, deep expertise in Palo Alto, Fortine
Pre-Sales Consultant - Technology & Cybersecurity
Abu Dhabi, UAE
ITHR is seeking a Pre-Sales Consultant to bridge customer challenges with technology solutions in cybersecurity, ERP, and cloud services. The role requires 4-6+ years of pre-sales experience, strong technical fundamental
SAP MM S/4HANA Consultant
Dubai, UAE
ITHR Technologies Consulting LLC is seeking an experienced SAP MM S/4HANA Consultant for a permanent hybrid role in Dubai. The consultant will lead end-to-end implementations, optimize procurement and supply chain proces
GRC Specialist - UAE National
Dubai, UAE
Senior SOC Analyst
Dubai, UAE
Senior SOC Analyst
Abu Dhabi, UAE
Network Security Engineer
Dubai, UAE
SOC Team Lead
, UAE
Network Security Engineer
Abu Dhabi, UAE
Pre-Sales Consultant - Technology & Cybersecurity
Abu Dhabi, UAE
SAP MM S/4HANA Consultant
Dubai, UAE