SOC Shift Lead
- Higher education in Information Security, IT, or a related field.
- Experience working with security monitoring tools, including SIEM systems (e.g., Splunk or QRadar).
- Understanding of the incident response cycle, knowledge of analysis processes, and effective investigation skills.
- Team management skills, including task organization, performance monitoring, and employee motivation.
- Strong communication skills for collaboration with the team, cross-functional departments, and leadership.
- Proactive approach to identifying and mitigating security threats.
- Experience with Linux, Bash, databases (PostgreSQL, MongoDB, ClickHouse), as well as cloud platforms such as AWS and GCP.
- Automation skills using Python, Ansible, or other tools.
- Knowledge of Threat Intelligence fundamentals (e.g., MITRE ATT&CK) and basic SOAR concepts.
- Understanding of ITIL/COBIT for incident management.
- Analytical skills, including the ability to work with large datasets (log analysis, event correlation).
- Decision-making ability under stress and crisis management skills.
- Experience working in environments governed by ISO 27001, NIST, or SOC 2 requirements.
Management of L1 Operator Shifts:
• Task allocation, quality control of team performance, and SLA compliance.
• Coordination of shift schedules (day/night, 12-hour shifts).
Team Training and Development:
• Mentorship and support for employee skill development.
• Oversight of the creation and improvement of playbooks for incident response.
Incident Investigation:
• Ensuring accuracy of analysis, preparing reports, and preventing incidents from escalating.
• Overseeing the use of SIEM, endpoint security, and network security tooling during investigations.
SOC Infrastructure Improvement:
• Identifying bottlenecks in monitoring and response processes.
• Participating in the implementation of new solutions to enhance protection efficiency, such as XDR or cloud-native security systems.
Stakeholder Engagement:
• Maintaining communication with other teams and business units to ensure business continuity.
• Contributing to the development of strategies to improve the overall security posture of the company.
Access Control and Compliance:
• Administering access to servers and databases.
• Monitoring team compliance with information security standards (ISO 27001, NIST, SOC 2).
• Conducting internal audits to improve security processes.
Reporting:
• Preparing reports on incidents, system status, and team performance.
• Providing recommendations for optimizing monitoring processes.
- An exciting and challenging job in a fast-growing product holding, with the opportunity to be part of a multicultural team of top professionals in Marketing, Management, Operations, Engineering, Architecture, and more;
- A great working atmosphere with passionate IT experts and leaders who share a friendly culture and a success-driven mindset;
- Beautiful offices in Kyiv, Warsaw, Limassol, Almaty, and Yerevan: work in comfort and build a network of connections with IT professionals day by day;
- Laptop & all necessary equipment for work according to the ecosystem standards;
- Paid vacations, personal events days, days off;
- Paid sick leave;
- Medical insurance;
- Referral program: enjoy working with your colleagues and get a bonus;
- Educational support by our L&D team: internal and external trainings and conferences, courses on Udemy;
- Free internal English courses;
- Sports benefit;
- Multiple internal activities: an online platform with newsletters, quests, gamification, and presents for collecting bonuses, the PIN-UP talks club for movie and book lovers, cozy board game evenings, special office days dedicated to holidays, etc.;
- Company events, team buildings.