
Adecco
SOC Lead
- Permanent
- Dubai, United Arab Emirates
- Experience 2 - 5 yrs
Job expiry date: 27/05/2026
Job overview
Date posted
12/04/2026
Location
Dubai, United Arab Emirates
Salary
AED 20,000 - 30,000 per month
Job description
The SOC Lead (Senior Security Consultant L2–L3) is a cybersecurity operations leadership role within a Managed Security Services Provider (MSSP) environment focused on advanced Security Operations Center (SOC) functions, XDR, MDR, SIEM, EDR, and multi-platform threat detection ecosystems. The role requires 7–9 years of cybersecurity experience with at least 6 years in SOC operations, performing L2–L3 escalation handling, deep-dive threat investigations, and end-to-end incident response including triage, containment, eradication, recovery, and root cause analysis (RCA). The position involves working with modern security platforms such as Taegis, CrowdStrike Falcon, CrowdStrike NG SIEM (LogScale), Rapid7 IDR, Microsoft Defender XDR, Palo Alto Cortex XDR, QRadar, Splunk, and other SIEM/XDR tools to perform advanced correlation across endpoint, network, identity, cloud, and email security domains.

The role includes SOC process development responsibilities such as creating and refining SOPs, runbooks, playbooks, escalation workflows, and detection standardization frameworks aligned with MSSP SLAs and KPIs. It also requires leadership in SOC operations management including shift oversight, queue management, quality assurance, analyst mentoring, and training L1/L2 staff on threat hunting and detection engineering. The SOC Lead is responsible for proactive threat hunting using XDR, SIEM, EDR, and threat intelligence sources, as well as developing and tuning detection rules and correlation logic to improve accuracy and reduce false positives.

Additionally, the role includes customer-facing responsibilities such as incident reporting, service review meetings, dashboard presentation, onboarding support, and monthly/quarterly security reporting. The candidate also supports MSSP presales activities including solution design, customer workshops, BoQ (bill of quantities) preparation, SOW (statement of work) drafting, and SOC service architecture.
The role requires strong expertise in cybersecurity frameworks such as MITRE ATT&CK, NIST CSF, ISO 27035, and Cyber Kill Chain, with the ability to handle complex security incidents such as ransomware, insider threats, account compromise, lateral movement, and phishing-based attacks while ensuring high-quality SOC service delivery in a fast-paced MSSP environment.
Required skills
Key responsibilities
- Serve as L2–L3 escalation point for SOC alerts, security incidents, and advanced threat investigations across MSSP environments
- Perform deep-dive analysis of alerts from XDR, SIEM, MDR, and EDR platforms including Taegis, CrowdStrike, Splunk, and Microsoft Defender XDR
- Lead full incident response lifecycle including triage, containment, eradication, recovery, and root cause analysis (RCA)
- Correlate multi-vector threats across endpoint, network, identity, cloud, and email security systems
- Develop and maintain SOC SOPs, playbooks, runbooks, escalation workflows, and detection engineering documentation
- Standardize detection and response procedures for new log sources, tools, and threat scenarios
- Provide mentorship and technical guidance to L1 and L2 SOC analysts
- Oversee SOC operations including shift management, queue handling, and quality assurance processes
- Conduct threat hunting activities and proactively identify malicious activity using SIEM, XDR, and threat intelligence platforms
- Design and optimize detection rules, correlation logic, and analytics to improve SOC accuracy and efficiency
- Participate in customer meetings, incident reviews, and SOC service delivery reporting
- Support SOC presales activities including solution design, BoQ preparation, and proposal development for MSSP services
Experience & skills
- Demonstrate 7–9 years of cybersecurity experience with at least 6 years in SOC operations within an MSSP environment
- Possess strong hands-on experience with SIEM/XDR tools such as Splunk, QRadar, CrowdStrike Falcon, Microsoft Defender XDR, and Taegis
- Demonstrate expertise in incident detection and response including ransomware, insider threats, and advanced persistent threats (APT)
- Show strong experience in threat hunting, log analysis, and root cause analysis across multiple security domains
- Demonstrate ability to develop SOC processes including SOPs, runbooks, playbooks, and escalation workflows
- Possess knowledge of cybersecurity frameworks including MITRE ATT&CK, NIST CSF, ISO 27035, and Cyber Kill Chain
- Demonstrate experience in SOC team leadership, mentoring, and operational management
- Show strong communication skills for customer engagement, reporting, and stakeholder coordination
- Demonstrate experience in MSSP presales support including SOW, BoQ, and solution design activities
- Hold relevant certifications such as GCIA, GCIH, CISM, CrowdStrike certifications, or Microsoft SC-series (preferred)