What are the responsibilities and job description for the SOC Lead position at Realign LLC?
Job Type: Contract
Job Category: IT
Job Description
Job Title: SOC Lead
Location: San Jose, CA – Onsite
Contract Role
We are seeking a highly skilled and experienced SOC Lead with 8–12 years of expertise in Security Operations Center management. The ideal candidate should have proven leadership capabilities, hands-on technical depth, and the ability to guide 24×7 security operations with precision and accountability.
Key Responsibilities
1. SOC Team Leadership & Governance
Lead and mentor L1 and L2 analysts and SIEM engineers, ensuring efficient 24×7 operations.
Oversee daily SOC workflows including incident assignments, ticket lifecycle management, escalations, and SLA compliance.
Manage shift governance, ensuring high availability, weekly shift rotations, and operational discipline across the SOC.
Conduct knowledge-sharing sessions, daily standups, and performance reviews to build a mature SOC environment.
2. Advanced Threat Detection & Investigation
Perform deep-dive investigations across multiple security platforms including:
SIEM (Security Information and Event Management)
EDR/XDR tools
Event logs and system logs
Memory dumps and forensic artifacts
Network telemetry (NetFlow, PCAP analysis)
Validate security alerts, identify false positives, and improve alert quality via constant rule fine-tuning.
3. Incident Response & Threat Mitigation
Lead full-lifecycle Incident Response (IR) from detection to containment, eradication, and recovery.
Provide real-time guidance to analysts during critical security breaches.
Coordinate with cross-functional teams such as Cloud, IAM, Network, and IT Ops for rapid remediation actions.
4. Operational Excellence & Reporting
Manage BAU (Business-As-Usual) operations including dashboard creation, SLA tracking, and regular reporting for leadership.
Build executive-ready reports for KPIs, KRIs, incident trends, threat patterns, and SOC performance metrics.
Drive improvement in SOC maturity, automation, playbooks, and threat coverage.
5. Technology & Process Improvements
Work with SIEM/EDR engineering teams to enhance detection rules, parsers, correlation logic, and use cases.
Recommend improvements in logging architecture, data onboarding, and threat visibility.
Contribute to building and improving SOAR playbooks for automated incident workflows.
Stay updated with evolving cyber threats, vulnerabilities, MITRE ATT&CK techniques, and industry best practices.
Required Skills & Qualifications
8–12 years of experience in Cyber Security/SOC Operations.
Strong expertise in SIEM tools (Splunk, QRadar, Sentinel, etc.).
Hands-on experience with EDR/XDR technologies (CrowdStrike, Defender, SentinelOne, etc.).
Proficiency in network security, logs, memory analysis, and threat hunting.
Excellent leadership, communication, and incident-handling skills.
Ability to work in a high-pressure, fast-paced environment.
Hashtags
#SOCLead #SecurityOperations #CyberSecurityJobs #SIEMEngineer #SOCAnalyst #ThreatDetection #IncidentResponse #CyberDefense #EDR #ThreatHunting #CyberSecurityCareer #InfoSecJobs #SecurityLeadership #SanJoseJobs #CaliforniaJobs #SOCManager #SecurityMonitoring #NetworkSecurity #CyberThreats #SOCOperations #SOAR #SplunkJobs #AzureSentinel #CrowdStrike #CyberSecurityExpert #OnsiteJobs #TechJobsUSA #SecurityAnalyst #ThreatIntel #PurpleTeam #BlueTeamOps #SecurityEngineer #EDRTools #SIEMTools #CyberJobs
Required Skills
FULL-STACK LEAD
TECHNICAL LEAD