Companies you'll love to work for

We are seeking a dynamic and experienced SOC leader to lead and enhance our global Security Operations Center (SOC). With 10+ years of experience in cybersecurity, incident response, threat intelligence, and team leadership, you will play a pivotal role in protecting the organization’s information systems and assets. You will develop and implement strategies to improve detection, response, and recovery while driving continuous improvement in security operations and aligning the SOC’s objectives with broader business goals.

1. Develop and execute the SOC strategy, ensuring alignment with the organization's business and security goals.
2. Define and implement policies, procedures, and frameworks to mature the SOC’s capabilities (e.g., SIEM tuning, SOAR integration).
3. Lead security initiatives focusing on threat management, compliance, and regulatory requirements.
4. Build partnerships with IT, risk management, legal, and compliance teams to ensure a comprehensive security posture.
5. Oversee the end-to-end incident response process, ensuring timely detection, investigation, containment, eradication, and recovery.
6. Drive threat hunting initiatives and proactively identify potential risks through analytics and behavioral detection techniques.
7. Manage escalations of high-severity security incidents and lead post-incident analysis, implementing lessons learned.
8. Develop and execute training plans to keep the SOC team updated on the latest tools, trends, and attack techniques.
9. Assess emerging threats, vulnerabilities, and attack patterns to proactively adapt the SOC’s capabilities.
10. Drive quarterly reviews of SOC operations, focusing on enhancements in detection, analysis, and response.
11. Provide regular reports and dashboards to executive leadership, highlighting trends, incidents, and SOC improvements.
12. Ensure compliance with relevant industry standards (e.g., ISO 27001, NIST, PCI DSS, GDPR, etc.).

1. 10 to 15 years of experience in cybersecurity with at least 7+ years in SOC operations and technical leadership roles.
2. In-depth understanding of security frameworks (NIST, MITRE ATT&CK, ISO 27001) and incident response methodologies.
3. Hands-on expertise in tools like SIEM (Splunk, Microsoft Sentinel, etc.), SOAR, threat intelligence platforms, and EDR solutions. Sentinel is a MUST HAVE skill.
4. Hands-on experience in administering and securing Azure environments using Azure Policies and various Defender for cloud products.
5. Writing KQL and Graph queries with Strong analytical skills to interpret security data and develop actionable insights.
6. Nice to have knowledge of Microsoft Sentinel/XDR, Threat Intelligence and threat-hunting.
7. Proven experience managing large-scale security incidents and improving SOC maturity levels.
8. Strong knowledge of compliance and regulatory standards (GDPR, HIPAA, CCPA, etc.).
9. Experience in implementing automation and improving SOC efficiency through SOAR or similar platforms.
10. Exceptional leadership, decision-making, and communication skills.

Experience:

10 to 15 years of experience in information security with hands-on experience with Microsoft Defender, Microsoft Sentinel and Defender for Cloud.

Certifications:

1. Industry certifications such as CISSP, CISM, GIAC, CEH, or equivalent.
2. Certifications in cloud security (AWS, Azure, GCP) and protecting hybrid environments.

With unmatched technology and category-defining innovation, Icertis pushes the boundaries of what’s possible with contract lifecycle management (CLM). The AI-powered, analyst-validated Icertis Contract Intelligence (ICI) platform turns contracts from static documents into strategic advantage by structuring and connecting the critical contract information that defines how an organization runs. Today, the world’s most iconic brands and disruptive innovators trust Icertis to fully realize the intent of their combined 10 million contracts worth more than $1 trillion, in 40+ languages and 93 countries.