ISA Team Lead(NCS/Job/ 1110)

Responsibilities:

· Perform deep-dive investigations into complex security incidents, leveraging advanced forensics techniques (memory, disk, network, malware).

· Lead incident response activities, including containment, eradication, and recovery efforts.

· Utilize threat intelligence to contextualize attacks, identify threat actors’ TTPs, and propose defensive improvements.

· Collaborate with L1 and L2 analysts, mentoring and guiding them through technical escalations.

· Provide leadership and direction to SOC Analysts.

· Lead continuous improvement initiatives for operational processes.

· Collaborate with internal and external teams to enhance SOC functionality.

· Address personnel-related issues within the SOC team.

· Keep senior management informed about significant incidents or operational challenges.

· Provide development opportunities for SOC staff in line with established practices and standards.

· Organize shift schedules, including regular, holiday, illness, vacation, and emergency shifts.

· Ability to ensure continuous operation 24/7.

· Facilitate shift turnovers and conduct briefings to ensure smooth transitions.

· Ensure the successful execution of all daily operational processes and protocols.

· Monitor adherence to established procedures and ensure all processes are well-documented as per local requirements.

· Identify and manage tactical issues affecting SOC operations.

· Document and monitor training needs and compliance for all SOC analysts.

Requirements:

· 6+ years of experience in security operations with at least 2+ years in a leadership role.

· Bachelor’s degree in computer science, Information Security, or a related field.

· Strong leadership and team management skills.

· In-depth knowledge of SOC operations and cybersecurity best practices.

· Excellent communication and problem-solving skills.