Intaso

Cyber Security Analyst Lead

Remote

United Kingdom

£80,000/year

Senior

Full Time

11-03-2026


Skills

Communication Leadership Incident Response Splunk Architecture

Job Specifications

Job Title: SOC Team Lead (Remote)

Client: Prestigious Global Business Advisory Firm

Work Arrangement: Fully Remote

Schedule: Monday – Friday, Standard Business Hours

The Client & The Opportunity

Our client is a premier global business advisory firm known for providing strategic guidance to the world’s most influential organizations. As they continue to expand their digital footprint, they are seeking a SOC Team Lead to provide senior-level oversight for their security operations.

This is a unique opportunity to join an elite team where quality of output is prioritized over sheer alert volume. Because our client values sustainable excellence, this role offers a consistent Monday–Friday schedule, providing the rare balance of high-level cybersecurity work without the typical 24/7 on-call burnout.

The Role

In this position, you will serve as the technical lead and mentor for a distributed, remote team. You will be the primary authority on incident escalation, SIEM architecture, and the maturation of the SOC’s overall defensive strategy.

Key Focus Areas:

Security Operations Leadership: Oversee the day-to-day operations, ensuring that the SOC meets its SLAs while fostering a high-performance, collaborative remote culture.
Incident Response & Strategy: Serve as the incident commander for critical threats. You will be responsible for maturing the firm’s incident response playbooks and conducting post-incident reviews to drive continuous improvement.
SIEM & Tooling Architecture: Take ownership of the firm’s SIEM environment (e.g., Sentinel/Splunk). You will be tasked with tuning correlation logic, reducing noise, and integrating SOAR capabilities to automate repeatable tasks.
Threat Detection & Hunting: Utilize the MITRE ATT&CK framework to lead proactive threat-hunting initiatives, moving the firm from a reactive stance to a proactive, intelligence-led defense.
Stakeholder Engagement: Act as the technical voice for the SOC. You will translate complex security risks into clear, business-focused insights for senior leadership and global stakeholders.

Requirements

Proven Track Record: 5+ years in cybersecurity, with a minimum of 1 year in a senior or lead role within a SOC environment.
Technical Depth: Expert-level knowledge of SIEM, EDR, and SOAR platforms. Candidates must be able to demonstrate an ability to tune and optimize these tools for a global enterprise.
Operational Maturity: Experience building or refining IR playbooks and a deep understanding of security lifecycle management.
Communication: Exceptional ability to communicate technical concepts to non-technical stakeholders—a core competency given the firm’s advisory nature.
Certifications: Highly preferred (e.g., CISSP, GCIH, GCFA, or similar).

Why This Role Stands Out

Work-Life Balance: A standardized schedule that is almost unheard of in global security leadership.
Strategic Influence: You aren't just following tickets; you are defining the security strategy for a major global firm.
Professional Environment: You will be surrounded by top-tier talent in an environment that prioritizes professional development and high-level advisory standards.

About the Company

At Intaso we are firm believers that not every business has the same Cyber/Information Security talent shortages, and that each demands a bespoke offering. With extensive contingent, executive search, in-house, team-build and consultancy experience, we are privileged to have the expertise to offer a complete set of innovative talent solutions tailored to every organisation. We pride ourselves on having deep industry expertise, technical training, extensive networks and the softer skills to make intelligent matches on...