Realign LLC

SOC Lead-1

This role is for a SOC Lead with 8-12 years of cybersecurity experience, based onsite in San Jose, CA. The contract duration and pay rate are unspecified. Key skills include SIEM expertise, EDR knowledge, and strong leadership in security operations.
🌎 Country: United States
💱 Currency: Unknown
💰 Day rate: Unknown
🗓️ Date: November 28, 2025
🕒 Duration: Unknown
🏝️ Location: On-site
📄 Contract: Unknown
🔒 Security: Unknown
📍 Location detailed: San Jose, CA
🧠 - Skills detailed
#Automation #IAM (Identity and Access Management) #Splunk #Defender #Security #Compliance #Azure #Logging #Monitoring #Cloud #Scala #Network Security #Alation #Leadership #Cybersecurity
Role description
Job Type: Contract
Job Category: IT
Job Title: SOC Lead
Location: San Jose, CA – Onsite
Contract Role

Job Description (Expanded & Professional)

We are seeking a highly skilled and experienced SOC Lead with 8–12 years of expertise in Security Operations Center management. The ideal candidate should have proven leadership capabilities, hands-on technical depth, and the ability to guide 24×7 security operations with precision and accountability.

Key Responsibilities

1. SOC Team Leadership & Governance
- Lead and mentor L1, L2 Analysts, and SIEM Engineers, ensuring efficient 24×7 operations.
- Oversee daily SOC workflows including incident assignments, ticket lifecycle management, escalations, and SLA compliance.
- Manage shift governance, ensuring high availability, weekly shift rotations, and operational discipline across the SOC.
- Conduct knowledge-sharing sessions, daily standups, and performance reviews to build a mature SOC environment.

2. Advanced Threat Detection & Investigation
- Perform deep-dive investigations across multiple security platforms including:
  - SIEM (Security Information and Event Management)
  - EDR/XDR tools
  - Event logs and system logs
  - Memory dumps and forensic artifacts
  - Network telemetry (NetFlow, PCAP analysis)
- Validate security alerts, identify false positives, and improve alert quality via constant rule fine-tuning.

3. Incident Response & Threat Mitigation
- Lead full-lifecycle Incident Response (IR) from detection to containment, eradication, and recovery.
- Provide real-time guidance to analysts during critical security breaches.
- Coordinate with cross-functional teams such as Cloud, IAM, Network, and IT Ops for rapid remediation actions.

4. Operational Excellence & Reporting
- Manage BAU (Business-As-Usual) operations including dashboard creation, SLA tracking, and regular reporting for leadership.
- Build executive-ready reports for KPIs, KRIs, incident trends, threat patterns, and SOC performance metrics.
- Drive improvement in SOC maturity, automation, playbooks, and threat coverage.

5. Technology & Process Improvements
- Work with SIEM/EDR engineering teams to enhance detection rules, parsers, correlation logic, and use cases.
- Recommend improvements in logging architecture, data onboarding, and threat visibility.
- Contribute to building and improving SOAR playbooks for automated incident workflows.
- Stay updated with evolving cyber threats, vulnerabilities, MITRE ATT&CK techniques, and industry best practices.

Required Skills & Qualifications
- 8–12 years of experience in Cyber Security/SOC Operations.
- Strong expertise in SIEM tools (Splunk, QRadar, Sentinel, etc.).
- Hands-on experience with EDR/XDR technologies (CrowdStrike, Defender, SentinelOne, etc.).
- Proficiency in network security, logs, memory analysis, and threat hunting.
- Excellent leadership, communication, and incident-handling skills.
- Ability to work in a high-pressure, fast-paced environment.

Hashtags
#SOCLead #SecurityOperations #CyberSecurityJobs #SIEMEngineer #SOCAnalyst #ThreatDetection #IncidentResponse #CyberDefense #EDR #ThreatHunting #CyberSecurityCareer #InfoSecJobs #SecurityLeadership #SanJoseJobs #CaliforniaJobs #SOCManager #SecurityMonitoring #NetworkSecurity #CyberThreats #SOCOperations #SOAR #SplunkJobs #AzureSentinel #CrowdStrike #CyberSecurityExpert #OnsiteJobs #TechJobsUSA #SecurityAnalyst #ThreatIntel #PurpleTeam #BlueTeamOps #SecurityEngineer #EDRTools #SIEMTools #CyberJobs

Required Skills
FULL-STACK LEAD, TECHNICAL LEAD