Job Description:
The SOC Lead is a senior-level cybersecurity professional responsible for leading and managing the Security Operations Center (SOC).
The SOC Lead ensures the effectiveness of threat monitoring, detection, and incident response operations. They lead and coordinate the full lifecycle of Incident Management and Crisis Response, ensuring swift containment, mitigation, and recovery of security events with minimal impact to the organization. This includes the development and enforcement of operational playbooks, incident escalations, and cross-functional coordination with IT, legal, compliance, and executive leadership.
Skills and Knowledge Requirements:
Required Experience:
- Minimum 8 years of professional experience in cybersecurity or related fields.
- At least 2 years in a senior SOC or leadership role.
Technical Skills:
- In-depth knowledge of SIEM platforms (e.g., Splunk, QRadar, Google SecOps, Sentinel).
- Strong experience with EDR/XDR, IDS/IPS, firewalls, threat intelligence platforms, and cloud security.
- Familiarity with the MITRE ATT&CK framework and IR Methodology.
- Familiarity with different Cybersecurity Laws, Regulations, Standards and Policies.
- Proven leadership in managing SOC teams and operations in large or complex environments.
- Ability to develop and implement cybersecurity strategies aligned with business objectives.
- Skilled in risk management, policy creation, and compliance enforcement.
- Strong understanding of IT governance and service management frameworks (e.g., ITIL).
- Experienced in resolving Cybersecurity Incidents and leading Crisis Management.
Soft Skills:
- Excellent communication and collaboration skills across technical and executive teams.
- Critical thinking and decision-making under pressure during incident response.
- Project management, change management, and strategic planning capabilities.
Recommended Training & Certifications:
- SANS SEC511 – Cybersecurity Engineering: Advanced Threat Detection and Monitoring / GIAC Continuous Monitoring Certification (GMON)
- SANS LDR551 – Building and Leading Security Operations Centers / GIAC Security Operations Manager Certification (GSOM)
- SANS LDR514 – Security Strategic Planning, Policy, and Leadership / GIAC Strategic Planning, Policy, and Leadership (GSTRT)
- CISSP – Certified Information Systems Security Professional
- CISM – Certified Information Security Manager®
- CISA – Certified Information Systems Auditor®
- CRISC – Certified in Risk and Information Systems Control®
- ITIL4 Foundation – IT Service Management Best Practices