
Posted 2 days ago
MDR Team Lead
SophosMDR Team Lead
Requirements
Up to 12 years total work experience, 5+ years in cybersecurity, 2-3 years in leadership or mentoring roles, Bachelor's degree in IT, Computer Science, or related field, Hands-on experience in security operations, Knowledge of EDR, IDS/IPS, and ATP, Familiarity with MITRE ATT&CK framework, Proficiency in Windows environments, Understanding of TCP/IP and network fundamentals, Working knowledge of PowerShell and Python
Skills
Cybersecurityincident responseSIEM
About the role
Responsibilities
- Lead day-to-day MDR operations, overseeing case queues, analyst workloads, SLA performance, and resource allocation.
- Guide and review incident investigations, validating findings and recommending response actions.
- Serve as a key point of coordination during customer and internal escalations, providing risk assessments and resolution plans.
- Coach, mentor, and develop MDR analysts through case reviews, feedback, and performance management.
- Conduct quality reviews of investigations, customer communications, and documentation to drive operational excellence.
- Analyze operational metrics and dashboards to identify trends, risks, and opportunities for service improvement.
- Develop and maintain SOPs, playbooks, workflows, and knowledge-base content.
- Provide technical leadership in intrusion analysis, incident response, digital forensics, and threat hunting.
- Partner with Engineering, Labs, and Content teams to improve detection quality and reduce false positives.
Requirements
- Up to 12 years of total work experience, with at least 5 years in cybersecurity.
- 2-3 years of experience in leadership, mentoring, or coordinating analysts in a SOC, MDR, or Incident Response environment.
- Bachelor's degree in IT, Computer Science, or a related field, or equivalent practical experience.
- Hands-on experience in security operations, including threat detection and incident investigation.
- Strong understanding of endpoint and network security technologies (EDR, IDS/IPS, ATP).
- Proficiency in Windows environments, including host artifacts and event log analysis.
- Solid understanding of network fundamentals, including TCP/IP, routing, and switching.
- Working knowledge of PowerShell and Python for automation and investigation support.
- Excellent written and verbal communication skills for technical and executive-level reporting.
Preferred Qualifications
- Experience with threat hunting methodologies and familiarity with the MITRE ATT&CK framework.
- Exposure to macOS and Linux environments.
- Experience with SIEM platforms and enterprise security data management.
- Advanced cybersecurity certifications.
Benefits
- Remote-first working model.
- Employee-led diversity and inclusion networks.
- Global wellbeing days and monthly wellbeing webinars.
- Annual charity, fundraising, and volunteer initiatives.
- Global fitness and trivia competitions.
About the Company
Sophos is a cybersecurity leader defending 600,000 organizations globally with an AI-driven platform and expert-led services. Sophos combines machine learning, automation, and real-time threat intelligence with frontline human expertise to deliver advanced, 24/7 threat monitoring, detection, and response.
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeMDR Team Lead
Sophos · India
