
Posted 6 hours ago
SOC Team Lead
ITHRSOC Team Lead
Perks & benefits
TransportationAnnual Ticket
Requirements
5-8 years security operations experience, 2 years leadership experience, SIEM expertise, Incident response proficiency, MITRE ATT&CK knowledge, EDR experience, Mandatory certification (CISSP, GCIH, GCFA, or ISO 27001)
Skills
SIEMincident responseCybersecurity
About the role
About the Company
ITHR is a technology consulting and professional services organisation supporting enterprises across the UAE and Middle East with digital transformation, cybersecurity, ERP implementation, talent solutions, managed services, and custom application development.
Responsibilities
- Lead, mentor, and develop a team of L1, L2, and L3 SOC analysts
- Serve as the primary escalation point for high-severity and complex incidents
- Conduct and oversee threat detection, alert triage, investigation, and incident response activities
- Lead threat hunting initiatives to identify indicators of compromise and emerging threats
- Own and improve SIEM correlation rules, detection logic, and alert tuning
- Develop and maintain incident response playbooks and operational runbooks
- Produce and review customer-facing incident reports and security advisories
- Manage SLA adherence across detection, triage, and response activities
- Collaborate with DFIR teams on post-incident reviews and lessons learned
Requirements
- 5–8 years of experience in security operations
- At least 2 years in a senior analyst or team lead capacity
- Hands-on experience with SIEM platforms (Microsoft Sentinel, Splunk, or IBM QRadar)
- Strong understanding of incident response methodologies and MITRE ATT&CK framework
- Experience with EDR technologies (CrowdStrike, SentinelOne, or Microsoft Defender)
- Experience with network security monitoring and IDS/IPS technologies
- Must hold at least one of the following: CISSP, GCIH, GCFA, or ISO/IEC 27001 Lead Implementer/Auditor
Preferred Qualifications
- Experience in a Managed SOC or MSSP environment
- Experience with SOAR platforms
- Familiarity with cloud security monitoring (Azure, AWS, or GCP)
- Exposure to DFIR methodologies including memory and disk forensics
- Scripting capabilities using Python, PowerShell, or KQL
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSOC Team Lead
ITHR · Dubai
