SOC Lead

About the team:

At Aspire, we recognize that data and infrastructure security are paramount to the success and trust of our customers. Our Security Team is at the forefront of protecting and securing our systems, ensuring compliance with industry best practices, and continuously learning and evolving to stay ahead of emerging threats. Our emphasis extends to data privacy, seamlessly integrating it into our security initiatives.

About the role:

As the SOC Lead, you will be responsible for overseeing and advancing the company’s SIEM/SOAR, Incident Response, Threat Hunting and continuing strengthening of Aspire's real-time detection mechanisms. You will manage a diverse technology stack, with an emphasis on Azure Sentinel, Data Dog, AWS, Azure AD, Intune, Microsoft Defender for Endpoint, and Unifi network solutions. Your role will also encompass ensuring compliance with at least PCI DSS, ISO 27001, and SOC2 standards, contributing to a secure and reliable IT environment.

Minimum qualifications:

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.

• Experience:

  • At least 8 years of experience in cybersecurity roles, with a minimum of 4 years in a leadership position within a SOC environment.
  • Threat hunting capability with up-to-date threat landscape and common attack TTPs.
  • Incident handling and forensics skills including knowledge of common probing and attack methods, network/service discovery, system assessment, malware.
  • Deep knowledge in cloud security
  • Proven track record of building and improving security detection capabilities over a vast area of applications and infrastructure.
  • Ability to prepare reports of analysis and results to provide briefings to management

• Technical Skills:

  • EDR (Crowdstrike/MS Defender)
  • Proficiency in managing and configuring Security Information and Event Management (SIEM) tools especially Azure Sentinel and Data Dog.
  • Experience in building Security Orchestration Automation Response (SOAR)
  • Experience in incident response and threat analysis.
  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation of security tasks.
  • Experience in building AWS infrastructure to support SOC engineering processes

• Strategic skills:

  • Building and leading a SOC team which is responsible for engineering, forensic, threat hunting and incident response.
  • Architecting and monitoring systems to be state-of-the-art and cost efficient.
  • Mentoring a team to reach new levels of expertise in both technical and non-technical skills.

Preferred qualifications:

• Experience:

  • Proven and deep experience with linux based systems to monitor, engineer security monitoring solutions and understand how to detect security weaknesses.
  • Familiarity with GCloud, ELK, Prometheus - Monitoring and Azure Logic Apps
  • Open-source tools for SOC and their successful implementation.

• Certifications: Advanced certifications such as CISS, CEH, CompTIA Security+ or GSOC.

• Proven experience to serve as the point of contact for regulatory requirements and incident response protocols to align international and local regulations and standards, including data protection laws (e.g., GDPR, CCPA, PDPA) and financial compliance requirements (e.g., MAS TRM, PCI-DSS).

• Demonstrated expertise in managing SOC activities within regulated environments, with a proven track record of compliance with relevant standards and frameworks (e.g., ISO 27001, SOC 2, ACSC Essential Eight).