SOC Lead

The Opportunity

The SOC Lead supports the Global SOC Manager in the day-to-day leadership, coordination, and performance of Infotrust’s Security Operations Centre (SOC). This pivotal role ensures seamless SOC operations across geographies, effective incident response, and high-quality service delivery aligned with Infotrust’s contractual obligations and strategic objectives.

Acting as the deputy to the Global SOC Manager, the SOC Lead is both a technical and operational leader, able to lead teams through critical incidents, represent the SOC in client engagements, and drive continuous improvement of security operations capabilities. The SOC Lead will collaborate closely with internal stakeholders such as technical Principals, Service Delivery Managers, and other business units to achieve optimal operational readiness and service outcomes.

‍

Responsibilities

Leadership & Operational Support:

• Support the Global SOC Manager in leading and managing the global SOC team, including analysts, engineers, and support personnel.
• Serve as acting SOC Manager in their absence, ensuring continuity of leadership and operations.
• Coordinate shift leaders and regional leads to ensure consistent, 24/7 global SOC coverage and service delivery.
• Mentor & contribute to staff development by supporting performance reviews, coaching, and implementation of training plans.
• Lead post-incident reviews and contribute to client reporting and continuous improvement.
• Geographically dispersed team

‍

Security Operations:

• Drive operational execution of core SOC functions including monitoring, detection, incident response, and vulnerability management using the MITRE ATT&CK framework.
• Oversee and manage escalated security incidents, coordinating across technical and business teams to contain, investigate, and resolve threats.
• Assist in the development, review, and enforcement of SOC processes, SOPs, and playbooks.

‍

Compliance & Quality Assurance:

• Help maintain the SOC’s alignment with ISO 27001, NIST, SOCI, and other relevant security standards and/or frameworks.
• Support implementation and maintenance of the Managed Services Information Security Management System (ISMS).
• Contribute to internal and client-facing reports, ensuring timely, accurate, and insightful deliverables with actionable recommendations.

‍

Client & Stakeholder Engagement:

• Participate in client briefings, security reviews, and incident retrospectives as needed.
• Assist the SOC Manager in translating technical outcomes and trends into business-aligned insights for clients.
• Maintain high-quality standards in communication, escalation, and documentation.
• Represent the SOC’s technical leadership in internal and external forums.
• 3+ years of technical pre-sales experience.

‍

Improvement & Innovation:

• Collaborate with the SOC Manager to identify and implement service improvements and innovation initiatives.
• Contribute to the development of the SOC roadmap, operational strategy, and capability uplift plans.
• Monitor KPIs and drive initiatives to improve operational performance, threat detection, and response efficiency.

‍

Key Competencies & Experience:

• 5+ years in cybersecurity roles, including SOC environments with demonstrated progression into leadership.
• Proven track record in managing or coordinating SOC operations, incident handling, and risk management.
• Experience working across global or distributed teams.
• Familiarity with threat intelligence, vulnerability management, and SIEM/SOAR technologies.
• Sound understanding of industry compliance standards (ISO, NIST, SOCI, PCI-DSS, GDPR, etc.).
• Hands-on experience with tools such as Splunk, Sentinel, CrowdStrike, or other security platforms.
• Relevant certifications (e.g. GCIH, GCIA, CISSP, CISM, CEH).
• Exposure to MSSP environments and client-facing service delivery.
• Strong understanding of security risk assessments, vulnerability management and disaster recovery planning

‍

Skills:

Technical Knowledge:

• Strong knowledge of cyber-attack techniques, threat vectors, and corresponding detection/response methods.
• Working proficiency in Windows, Linux, and Mac OS environments.
• Proficiency in log analysis, SIEM query languages, and automation workflows.
• Understanding of endpoint, network, and cloud security technologies.
• Working knowledge of network and endpoint security, countermeasures, sensors and products.
• Working knowledge of security event log analysis and incident handling.
• Working knowledge in SIEM queries and integrations.
• Working knowledge and experience with ITSM tools.
• Enterprise system administration experience is advantageous.

‍

Leadership & Communication:

• Confident team leader and mentor, capable of managing high-performance teams.
• Outstanding communicator, able to convey complex information to technical and non-technical audiences.
• Skilled at preparing reports, dashboards, and performance metrics.
• 3+ years of experience in leading and managing teams.
• Knowledge of business operations and financial reporting.

‍

Personal Attributes:

• Ability to stay calm and focused under pressure, particularly during security incidents or crises
• Exceptional time management
• Strong Stakeholder management capabilities
• vOutstanding verbal and written communication
• Excellent leadership, communication and interpersonal skills, with the ability to engage effectively with both technical and non-technical stakeholders
• Exceptional problem-solving skills, with a focus on delivering pragmatic and innovative solutions
• Highly client-focused with a deep understanding of client needs and the ability to build lasting partnerships

‍

How to Apply

Please send resumes to: pauline.tabirara@infotrust.com.au

‍