Security Operations Centre Team Lead

Cyber Defense Centre (CDC) is part of the Chief Information Security Officer Office. The main responsibility of the team is to reduce the risk of Euroclear cyber threat surface by monitoring for malicious intent targeted at Euroclears services its supporting assets and people. We do this through the Cyber Threat Management (CTM) capabilities Security Operations Centre (SOC) and Cyber Incident & Response Team (CIRT). This includes cyber threat intelligence vulnerability management penetration testing brand and digital footprint monitoring security incident and event monitoring cyber analytics incident management and forensic analysis.
The Security Operations Centre (SOC) houses the information security team responsible for monitoring and analysing an organizations security posture on an ongoing basis. The SOC teams goal is to provide 24x7x365 capabilities to detect analyse and respond to cybersecurity incidents using a combination of technology solutions and a strong set of processes. The SOC staff works closely with the Cyber Incident Response team (CIRT) to ensure security issues are addressed quickly upon discovery.
The SOC monitors and analyses activity on networks servers endpoints databases applications websites and other systems looking for anomalous activity that could be indicative of a security incident or compromise.

SOC Team Lead

Responsibilities & duties

• As a SOC Team Lead you will be responsible for leading and managing a team of SOC Tier 1 analysts and overseeing the daytoday operations of the 24/7 security monitoring function.
• Support the onboarding process and ensure continuous training and development of SOC staff.
• Monitor the teams SLAs and KPIs ensuring highquality service delivery and operational excellence. You will also prepare operational and performance reports to management.
• Inspire the team to continuously expand their knowledge and this role you will play a key part in the teams development by providing guidance mentorship coaching and training.
• Collaborate closely with Threat Intelligence Incident Response and Engineering teams to ensure an efficient and effective security operations environment.

Qualifications required:

• At least 1 year of experience in a team leadership or shiftlead role and at least 3 years of experience in SOC Incident Response or CIRT.
• Ability to provide both technical and business leadership while inspiring and guiding team members.
• Strong knowledge of security monitoring detection and incident handling.
• Excellent English and communication skills.

Nice to have:

• Splunk and XSOAR experience
• Experience with log search tools such as Splunk usage of regular expressions and natural language
• queries
• Knowledge of encryption and cryptography
• Previous experience in the financial industry
• Scripting (automation) and familiarity with Cloud (AWS/Azure)

#LI-YK1