Responsibilities
- Lead daily operations of a global, 24/7 security operations center spanning multiple locations and monitoring approximately 3 million endpoints; manage human-led response following AI triage, incident handling, escalation protocols, and performance tracking across shifts and regional teams.
- Recruit, mentor, and develop security analysts and team leads; establish career development pathways, conduct periodic skill evaluations, and provide continuous training on security tools and industry best practices.
- Identify opportunities to automate workflows using scripting, SOAR platforms, or custom playbooks to reduce manual effort, increase operational efficiency, and accelerate response timelines.
- Lead and support proactive threat hunting efforts; collaborate with analysts to detect advanced persistent threats, refine detection logic, improve alerting mechanisms, and fine-tune security configurations for client environments.
- Assess current tools, technologies, and workflows to recommend improvements; initiate and drive projects that enhance SOC maturity and adaptability in response to evolving cyber threats.
- Act as the primary contact for customer escalations; deliver incident summaries, threat intelligence updates, and service performance reviews to ensure high satisfaction through transparent communication and metric alignment in a multi-client setting.
- Oversee shift scheduling, compliance documentation, and coordination with engineering, threat intelligence, and security operations teams to ensure seamless cross-functional operations.
Work Arrangement
Remote (Worldwide)