Job Title: SOC Team Lead
Location: Mississauga, Ontario (Remote)
Job Summary
Seeking an experienced SOC Team Lead / Manager to lead 24x7 Security Operations Center (SOC) activities at the client site. The role involves managing a team of 5–6 SOC analysts, overseeing incident response, threat monitoring, and security operations using Microsoft Sentinel and Microsoft Defender suite.
Key Responsibilities
- Lead onsite SOC operations, incident response, and security monitoring activities.
- Manage Microsoft Sentinel SIEM, alert monitoring, log integration, and detection use cases.
- Act as the escalation point for major security incidents and ensure SLA adherence.
- Develop SOPs, runbooks, playbooks, and improve SOC processes.
- Implement automation using SOAR, Logic Apps, and PowerShell scripting.
- Publish SOC reports, KPIs, incident trends, and governance updates.
- Coordinate with client stakeholders, vendors, and infrastructure teams.
Required Skills
- Strong experience with Microsoft Sentinel and Microsoft Defender suite.
- Hands-on SOC operations, incident response, and threat detection expertise.
- Experience with SOAR, automation, PowerShell scripting, and Azure security.
- Knowledge of MITRE ATT&CK, threat hunting, NIST, ISO 27001, and CIS Controls.
- Excellent leadership, communication, and stakeholder management skills.
Experience & Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, or related field.
- 7–12 years of SOC / cybersecurity operations experience.
- 3+ years as a SOC Team Lead.
Certifications preferred:
CISSP, CISM, CEH, Microsoft Security, Azure Security Engineer.
Work Conditions
- Full-time onsite role supporting 24x7 SOC operations.
- On-call support for critical security incidents.
- High accountability in an SLA-driven environment.