SOC Lead – Security Operations & Incident Response
Share
Job Location:
Monthly Salary:
Posted on:
7 hours ago
Vacancies:
1 Vacancy
Job Summary
We are seeking an experienced SOC Leader to lead our Security Operations Center and oversee all aspects of security monitoring incident response and SOC team management. The ideal candidate has 10 years of pure SOC and incident response experience including several years in a lead or managerial role and brings strong hands-on technical skills combined with people leadership coaching and team development. You will be responsible for the day-to-day operations of the SOC driving continuous improvement of detection and response capabilities and developing a high-performing team of analysts.
Key Responsibilities :
SOC Leadership & Management
- Lead manage and mentor a team of SOC analysts (Tier 13) and incident responders
- Coordinate activities between internal and external teams and partners
- Own SOC staffing scheduling and on-call rotations to ensure 24/7 or defined coverage
- Set clear expectations goals and development plans for team members; conduct regular 1:1s and performance reviews
- Create a positive accountable culture focused on learning collaboration and continuous improvement
Operations & Incident Response
- Oversee day-to-day SOC operations including alert triage investigation quality and incident handling
- Act as the incident response lead or escalation point for high-severity incidents.
- Ensure timely consistent execution of incident response processes (containment eradication recovery lessons learned)
- Coordinate closely with IT infrastructure application and business teams during security events
- Participate in on-call rotation as a point of escalation
Process Governance & Continuous Improvement
- Maintain and evolve SOC runbooks playbooks and standard operating procedures
- Define and track SOC KPIs and metrics (MTTD MTTR incident volumes false positives etc.) and report to leadership
- Drive improvements in alert quality automation and workflow to reduce noise and increase efficiency
- Contribute to the overall incident response program including tabletop exercises and post-incident reviews
Technology & Detection
- Oversee effective use of SIEM EDR/XDR SOAR and other security tools in the SOC.
- Collaborate with detection engineers and security architects to develop and tune use cases correlation rules and analytics.
- Evaluate new tools and capabilities that can strengthen monitoring threat hunting and response.
Stakeholder Management & Communication
- Serve as the primary point of contact for security incidents to internal stakeholders and leadership
- Provide clear concise incident updates and post-incident reports for technical and non-technical audiences
- Partner with risk compliance and audit teams to demonstrate SOC effectiveness and support assessments
Qualifications :
- 8 years of hands-on experience in a SOC and incident response role in medium or large environments
- 24 years in a lead or managerial capacity (Team Lead Shift Lead Supervisor or Manager) within a SOC
- Strong technical background in SIEM platforms (e.g. Splunk Microsoft Sentinel QRadar etc.) EDR/XDR solutions endpoint security and network security technologies (firewalls IDS/IPS proxies etc.)
- Strong understanding of common attack techniques threat actors and frameworks (e.g. MITRE ATT&CK)
- Proven experience leading or coordinating major security incidents from initial detection through to closure
- Demonstrated people leadership skills: coaching feedback performance management conflict resolution
- Experience creating and maintaining documentation runbooks and operational processes
- Strong communication skills (written and verbal) able to interact effectively with both technical teams and executives
- Ability to remain calm and make sound decisions under pressure
- Experience in regulated industries (e.g. financial services healthcare critical infrastructure)
- Relevant certifications such as GIAC (GCIH GCIA GCFA GCED etc.) CISSP CISM or similar
Additional Information :
What we offer!
- A competitive wage vacation benefits and a RRSP matching program
- Annual AIM tuition scholarship program up to $8500 per eligible dependents
- The tools and support needed to be successful in your career and professional development
- A dynamic & rewarding work environmentthat is also a lot of fun!
Remote Work :
No
Employment Type :
Full-time
Key Skills
- Splunk
- Compliance Management
- IDS
- SOC
- Cybersecurity
- Identity & Access Management
- Security
- Information Security
- Process Engineering
- Metadata
- Encryption
- Siem
About Company
American Iron & Metal (AIM) American Iron & Metal (AIM) is a family-owned, Canada-based company founded in 1936. Since that day, AIM has grown to be recognized as one of the Worlds most sophisticated metal recyclers, specializing in the recovery and recycling of scrap metal by-produc ... View more
