SOC Team Lead

Responsibilities

  • Lead the Security Operations Center (SOC) team to ensure effective detection, analysis, containment, and response to cybersecurity incidents.
  • Develop and implement the SOC strategy, roadmap, and KPIs aligned with the company’s overall information security objectives.
  • Manage daily SOC operations, ensuring monitoring coverage, effective incident handling, and timely escalation.
  • Oversee and optimize the SIEM, XDR, and related security platforms.
  • Continuously tune and improve correlation rules, dashboards, and alerting logic to enhance detection accuracy and reduce false positives.
  • Lead incident response processes, ensuring accurate classification, root cause analysis, and post-incident reporting.
  • Drive the implementation of new detection use cases, integration of threat intelligence feeds, and automation.
  • Collaborate closely with IT and Infrastructure teams to strengthen overall threat visibility and response capability.
  • Ensure compliance with NIST, MITRE ATT&CK, and internal security frameworks, contributing to SOC maturity improvement.
  • Mentor and guide SOC analysts (L1 and L2), fostering a culture of technical excellence, accountability, and continuous learning.
  • Prepare and present regular SOC performance reports to management, highlighting trends, threats, and recommendations.

Requirements

  • 4+ years of experience in cybersecurity or SOC operations, including at least 1 year in a team leadership or supervisory role.
  • Hands-on expertise with SIEM tools (such as IBM QRadar, Splunk, ELK or Wazuh) and EDR/XDR, SOAR, and threat intelligence platforms.
  • Strong understanding of network security, incident response, log analysis, and security monitoring.
  • Proven experience with correlation rule development, threat detection tuning, and false positive reduction.
  • Knowledge of cloud security monitoring (Azure, AWS) and hybrid infrastructure environments.
  • Familiarity with NIST CSF, MITRE ATT&CK, ISO 27001, or similar frameworks.
  • Excellent analytical and communication skills with the ability to translate technical issues into business impact.
  • Strong leadership, mentoring, and team management abilities.
  • Experience with scripting or automation (e.g., Python, PowerShell) is a plus.
  • Relevant certifications such as GSOM, GCIH, CySA+, Security+, or CSOM are considered an advantage.

Conditions

  • Work in one of the best business centers in Baku.
  • Competitive salary “at market level.”
  • Health insurance, paid vacation, sick leave, corporate events and bonuses, fitness discounts.
  • Work equipment provided.
