SOC Team Lead
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
ITHR is seeking a technically strong and operationally experienced SOC Team Lead to lead a team of SOC analysts, oversee threat detection and incident response, and drive continuous improvements in detection engineering and SIEM coverage.
Key Skills for This Role
Responsibilities
- Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts
- Serve as the primary escalation point for high severity and complex incidents
- Conduct and oversee threat detection, alert triage, investigation, and incident response activities
- Lead threat hunting initiatives
- Own and continuously improve SIEM correlation rules, detection logic, use cases, and alert tuning
- Develop, maintain, and enforce incident response playbooks, operational runbooks, and escalation procedures
- Produce and review customer facing incident reports, security advisories, executive summaries, and monthly service reports
- Manage SLA adherence across detection, triage, escalation, containment, and response activities
- Collaborate with DFIR teams on post incident reviews and lessons learned
- Coordinate with customers and internal delivery teams during active incidents
- Support customer onboarding activities including log source integration and use case development
- Stay current with the threat landscape and translate insights into actionable improvements
Requirements
- 5–8 years of experience in security operations
- At least 2 years in a senior analyst or team lead capacity
- Hands on experience with SIEM platforms including rule development, log integration, alert tuning, investigation workflows, and detection engineering
- Experience with Microsoft Sentinel, Splunk, IBM QRadar, or similar enterprise SIEM technologies
- Strong practical understanding of incident response methodologies
- Deep understanding of attacker TTPs and familiarity with MITRE ATT&CK framework
- Hands on experience with endpoint detection and response technologies such as CrowdStrike, SentinelOne
Full Job Posting
Role Overview
- The SOC Team Lead is a senior hands on role responsible for the day to day leadership of the ITHR Security Operations team.
- You will oversee a team of SOC analysts (L1/L2/L3), own the quality of detection and response across monitored customer environments, and serve as the primary escalation point for significant incidents.
- This role combines technical depth with people leadership and operational excellence.
Key Responsibilities
- Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts, owning shift coverage, performance management, and professional growth.
- Serve as the primary escalation point for high severity and complex incidents across monitored customer environments.
- Conduct and oversee threat detection, alert triage, investigation, and incident response activities while remaining actively involved in analysis and investigation work.
- Lead threat hunting initiatives by proactively identifying indicators of compromise, attacker persistence mechanisms, lateral movement, and emerging threats.
- Own and continuously improve SIEM correlation rules, detection logic, use cases, and alert tuning to reduce false positives and improve detection effectiveness.
- Develop, maintain, and enforce incident response playbooks, operational runbooks, and escalation procedures to ensure consistent execution across the SOC.
- Produce and review customer facing incident reports, security advisories, executive summaries, and monthly service reports to ensure clarity, accuracy, and business relevance.
- Manage SLA adherence across detection, triage, escalation, containment, and response activities, identifying bottlenecks and implementing service improvements.
- Collaborate with DFIR teams on post incident reviews, lessons learned exercises, and continuous enhancement initiatives.
- Coordinate with customers and internal delivery teams during active incidents, providing updates, guiding containment actions, and managing stakeholder expectations.
- Support customer onboarding activities including log source integration, use case development, baseline establishment, and initial detection tuning.
- Stay current with the threat landscape, attacker methodologies, regional threat actors, and emerging attack trends, translating these insights into actionable improvements.
Required Qualifications (Must Have)
- 5–8 years of experience in security operations, with at least 2 years in a senior analyst or team lead capacity.
- Proven hands on experience with SIEM platforms including rule development, log integration, alert tuning, investigation workflows, and detection engineering.
- Experience with Microsoft Sentinel, Splunk, IBM QRadar, or similar enterprise SIEM technologies.
- Strong practical understanding of incident response methodologies including triage, containment, eradication, recovery, and post incident activities.
- Deep understanding of attacker tactics, techniques, and procedures (TTPs) and strong familiarity with the MITRE ATT&CK framework.
- Hands on experience with endpoint detection and response technologies such as CrowdStrike, SentinelOne, Mic
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Qode
GRC Specialist - UAE National
Dubai, UAE
Qode is seeking a GRC Specialist to support governance, risk, and compliance functions in banking and financial services. The role involves risk assessments, policy management, audit coordination, and regulatory complian
Senior SOC Analyst
Dubai, UAE
ITHR Technologies is seeking a Senior SOC Analyst to join their Managed Security Services team in the UAE. The role involves L3-level alert investigation, incident response, threat hunting, and SIEM tuning in a multi-cus
Senior SOC Analyst
Abu Dhabi, UAE
ITHR Technologies is seeking a Senior SOC Analyst for their Managed Security Services team. The role involves L3-level alert investigation, incident response, threat hunting, and SIEM tuning in a multi-customer MSSP envi
Network Security Engineer
Dubai, UAE
ITHR is seeking an experienced Network Security Engineer for a hands-on role spanning the full project lifecycle. You will design, deploy, and configure next-generation firewalls, develop PoC environments, and produce cu
SOC Team Lead
Abu Dhabi, UAE
ITHR seeks a SOC Team Lead to lead a team of SOC analysts (L1/L2/L3) in the UAE, overseeing threat detection, incident response, and continuous improvement of security operations. The role combines technical depth with p
Network Security Engineer
Abu Dhabi, UAE
ITHR seeks a Network Security Engineer for hands-on delivery of enterprise network security solutions including NGFW, VPN, and SASE. Requires 4-8 years of network security experience, deep expertise in Palo Alto, Fortine
Pre-Sales Consultant - Technology & Cybersecurity
Abu Dhabi, UAE
ITHR is seeking a Pre-Sales Consultant to bridge customer challenges with technology solutions in cybersecurity, ERP, and cloud services. The role requires 4-6+ years of pre-sales experience, strong technical fundamental
SAP MM S/4HANA Consultant
Dubai, UAE
ITHR Technologies Consulting LLC is seeking an experienced SAP MM S/4HANA Consultant for a permanent hybrid role in Dubai. The consultant will lead end-to-end implementations, optimize procurement and supply chain proces
GRC Specialist - UAE National
Dubai, UAE
Senior SOC Analyst
Dubai, UAE
Senior SOC Analyst
Abu Dhabi, UAE
Network Security Engineer
Dubai, UAE
SOC Team Lead
Abu Dhabi, UAE
Network Security Engineer
Abu Dhabi, UAE
Pre-Sales Consultant - Technology & Cybersecurity
Abu Dhabi, UAE
SAP MM S/4HANA Consultant
Dubai, UAE