Lead SOC Engineer

Lead SOC Engineer

Work Experience: 9 to 15 Years

Work Timing: EST Hours US work timing

Work Location: Chennai Pune Bangalore Work from office/Hybrid

Key Responsibilities:

1. Security Tool Engineering & Management

Lead the design implementation and maintenance of core security platforms including SIEM EDR or XDR SOAR and Threat Intelligence Platforms.

Develop and fine-tune SIEM correlation rules dashboards alerts and integrate new log sources.

Manage and optimize EDR or MDR or Intune agents ensure full coverage and report and remediate tooling gaps.

Oversee Cisco Umbrella monitoring alert response URL policy configurations and tuning.

Manage MDM or MAM or UEM platforms including device enrollment configuration compliance lifecycle and app deployments.

Support and maintain MFA tooling (Cisco Duo) and implement SSO integrations for applications.

Perform certificate and public key infrastructure (PKI) administration.

2. Advanced Threat Detection Monitoring & Hunting

Implement proactive threat hunting methodologies across endpoints cloud and network.

Conduct in-depth forensic analysis log analysis and packet analysis to detect sophisticated attacks.

Monitor and respond to SIEM and EDR alerts during 12 5 operations with on-call escalation for critical alerts.

3. Vulnerability & Patch Management Governance

Govern remediation activity from bi-weekly vulnerability scans and penetration tests.

Coordinate with IT for patch management compliance across operating systems and applications.

4. Email Security Engineering (Proofpoint or SPF or DKIM orDMARC)

Design configure and manage email security solutions to protect inbound or outbound mail.

Monitor Proofpoint alerts tune filters and manage DLP policies.

5. Device Security Compliance & Enrollment

Manage device provisioning enrollment policy enforcement and secure configuration baselines.

Oversee BYOD security selective wipe mobile application security and compliance enforcement.

6. Incident Response & Governance

Lead incident triage containment eradication and recovery actions.

Conduct root cause analysis and provide executive-level reporting.

7. Governance SOP Development & Compliance

Create and maintain SOPs KB articles and documentation aligned to security frameworks.

Participate in annual security audits assisting with evidence gathering and auditor engagement.

8. Security Awareness & Training (KnowBe4 Governance)

Oversee governance of KnowBe4 user awareness training enrollment and campaign assignments.

Track compliance escalate per SOP and generate training & phishing metrics.

Create awareness communications and align training with current threat trends.

9. Mentorship & Leadership

Contribute to the security program strategy technology evaluations and process improvements.

Conduct knowledge-sharing sessions and maintain internal training materials.

Required Qualifications:

Minimum 8 years of experience in security engineering operations or similar role.

Strong background in incident response threat hunting and device security management.

Technical Skills:

Expert knowledge of security technologies including EDR SIEM MDM or UEM MFA PAM DLP and DNS filtering.

Strong understanding of NIST CSF CIS Controls and MITRE ATT&CK.

Soft Skills:

Excellent communication and documentation skills.

Strong analytical abilities and high attention to detail.

Ability to work in high-pressure environments and manage on-call escalations.

Collaborative mindset with the ability to work cross-functionally.

Education & Certifications:

Bachelors degree or equivalent experience.

Good to have certifications: CISSP GIAC (GCIH GCFA GCTI) OSCP or tool-specific certifications (Splunk Sentinel CrowdStrike Intune Proofpoint Zscaler CyberArk etc.)