Job Title: SOC and TI Lead
Company: Tata Consultancy Services
Location: Chennai, Tamil Nadu
Created: 2025-12-24
Job Type: Full Time
Job Description:
Experience: 8+ years in SOC, Sentinel, Azure & TI

SOC:
- Solid understanding of information security concepts and SOC operations.
- Experience with SIEM tools, incident response, and vulnerability management.
- Hands-on experience with the SIEM platform MS Sentinel.
- Knowledge of network protocols, IDS/IPS, firewalls, and endpoint security solutions.
- Familiarity with the MITRE ATT&CK framework and threat hunting techniques.
- Ability to analyze logs from multiple sources (Windows, Linux, network devices).
- Basic scripting skills (Python, PowerShell) for automation and investigation.
- Excellent communication and documentation skills for reporting and escalation.
- Ability to work in rotational shifts and under pressure during incidents.
- Understanding of ITIL processes for incident, problem, and change management.
- Understanding of log sources and event correlation.
- Familiarity with Azure security services (Azure AD, Key Vault, NSGs, Private Link).
- Knowledge of the incident response lifecycle and SOC processes.
- Awareness of compliance frameworks (NIST, ISO 27001, GDPR).

TI:
- Collect and analyze threat data from internal and external sources (ISACs, open-source, commercial feeds).
- Correlate Indicators of Compromise (IoCs) with organizational assets to assess exposure.
- Identify and track Indicators of Compromise (IOCs) such as malicious IPs, domains, file hashes, and URLs.
- Detect and analyze Indicators of Attack (IOAs) including behavioral patterns, tactics, and techniques used by adversaries.
- Collaborate with DFIR teams to provide threat intelligence during forensic investigations and incident response.
- Produce actionable intelligence reports for SOC, Incident Response, and Risk teams.
- Develop and maintain threat intelligence platforms and feeds.
- Map threats to frameworks such as MITRE ATT&CK for detection and response alignment.
- Collaborate with SOC and IR teams to support investigations and threat hunting.
- Monitor dark web, forums, and underground channels for potential threats.
- Provide recommendations for improving security posture based on intelligence findings.
- Stay updated on emerging threats, vulnerabilities, and regulatory requirements.