{bc}
linkedin

SOC Team Lead

Olik Global
Dubai, UAE
Full Time
Lead
Onsite
1 weeks ago
SIEMIncident ResponseThreat DetectionMicrosoft SentinelSplunkIBM QRadar
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

SIEMIncident ResponseThreat Detection
Smart Apply

Full Job Posting

Role Overview

  • The SOC Team Lead is a senior hands on role responsible for the day to day leadership of the ITHR Security Operations team.
  • You will oversee a team of SOC analysts (L1/L2/L3), own the quality of detection and response across monitored customer environments, and serve as the primary escalation point for significant incidents.
  • This role combines technical depth with people leadership and operational excellence.

Key Responsibilities

  • Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts, owning shift coverage, performance management, and professional growth
  • Serve as the primary escalation point for high severity and complex incidents across monitored customer environments
  • Conduct and oversee threat detection, alert triage, investigation, and incident response activities while remaining actively involved in analysis and investigation work
  • Lead threat hunting initiatives by proactively identifying indicators of compromise, attacker persistence mechanisms, lateral movement, and emerging threats
  • Own and continuously improve SIEM correlation rules, detection logic, use cases, and alert tuning to reduce false positives and improve detection effectiveness
  • Develop, maintain, and enforce incident response playbooks, operational runbooks, and escalation procedures to ensure consistent execution across the SOC
  • Produce and review customer facing incident reports, security advisories, executive summaries, and monthly service reports to ensure clarity, accuracy, and business relevance
  • Manage SLA adherence across detection, triage, escalation, containment, and response activities, identifying bottlenecks and implementing service improvements
  • Collaborate with DFIR teams on post incident reviews, lessons learned exercises, and continuous enhancement initiatives
  • Coordinate with customers and internal delivery teams during active incidents, providing updates, guiding containment actions, and managing stakeholder expectations
  • Support customer onboarding activities including log source integration, use case development, baseline establishment, and initial detection tuning
  • Stay current with the threat landscape, attacker methodologies, regional threat actors, and emerging attack trends, translating these insights into actionable improvements

Required Qualifications (must have)

  • 5 8 years of experience in security operations, with at least 2 years in a senior analyst or team lead capacity
  • Proven hands on experience with SIEM platforms including rule development, log integration, alert tuning, investigation workflows, and detection engineering
  • Experience with Microsoft Sentinel, Splunk, IBM QRadar, or similar enterprise SIEM technologies
  • Strong practical understanding of incident response methodologies including triage, containment, eradication, recovery, and post incident activities
  • Deep understanding of attacker tactics, techniques, and procedures (TTPs) and strong familiarity with the MITRE ATT&CK framework
  • Hands on experience with endpoint detection and response technologies such as CrowdStrike, SentinelOne, Microsoft Defender, or equivalent solutions
  • Experience with network security monitoring, IDS/IPS technologies, firewall investigations, and anomaly detection techniques
  • Strong reporting and communication capabilities, including production of executive ready incident reports and customer communications
  • Demonstrated ability to lead, coach, and develop analysts within a shift based operational environment
  • At least one of the mandatory certifications: CISSP, GCIH, GCFA, ISO/IEC 27001 Lead Implementer or Lead Auditor

Certifications

  • Mandatory (at least one): CISSP, GCIH, GCFA, ISO/IEC 27001 Lead Implementer or Lead Auditor
  • Advantageous: GCED, Certified SOC Analyst (CSA), Microsoft Certified: Security Operations Analyst (SC 200), CompTIA CySA+, CompTIA Security+

Preferred Qualifications (nice to have)

  • Experience within a Managed SOC or MSSP environment supporting multiple customer environments simultaneously
  • Experience with SOAR platforms including Microsoft Sentinel SOAR, Palo Alto XSOAR, Splunk SOAR, or equivalent orchestration technologies
  • Familiarity with cloud security monitoring including Azure, AWS, and GCP log sources, cloud native detections, and identity centric attack patterns
  • Exposure to DFIR methodologies including memory analysis, disk forensics, malware triage, and forensic investigations
  • Understanding of OT and ICS monitoring concepts
  • Prior experience delivering managed security services within the UAE or Middle East region
  • Familiarity with regional frameworks and standards including UAE IA, NESA, SAMA, and sector specific compliance requirements
  • Scripting capabilities using Python, PowerShell, or KQL for automation, parsing, and detection engineering

Soft Skills & Professional Attributes

  • Calm and decisive under pressure with the ability to confidently lead teams through high severity incidents
  • Strong written and verbal communication skills with the ability to brief customers, executives, and technical stakeholders effectively
  • Detail oriented while maintaining visibility of broader operational objectives
  • Natural mentor who actively contributes to analyst growth and capability development
  • Continuous improvement mindset focused on improving detection quality, reducing operational noise, and enhancing response effectiveness
  • Operates with integrity, professionalism, and discretion when handling sensitive customer information

What We Offer

  • Competitive Compensation — Salary aligned with experience, expertise, and regional market benchmarks
  • Training & Certification Budget — Dedicated annual investment in certifications, labs, and professional development
  • Hands on Technical Exposure — Lead investigations and response activities across a diverse customer portfolio
  • Influence Over the Practice — Opportunity to shape SOC strategy, tooling decisions, operational processes, and team growth
  • Growth Path — Clear progression into SOC Manager, Head of SOC, Managed Services Director, or DFIR leadership roles
  • Culture — A collaborative technology focused team that values technical excellence, ownership, customer success, innovation, and execution

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Olik Global