SOC / NOC Team lead

Description

Final is a world leader in trading algorithms and trade execution technologies development. Our multi-disciplinary teams have developed a unique and highly successful machine learning algorithmic-based HFT platform that delivers excellent results. In a world increasingly dominated by learning machines and artificial intelligence, we at Final are especially proud of our humans. Our elite team of exceptional people is the soul of our company, and it is our top priority to provide them with a professionally fulfilling environment that supports a healthy work-life balance. Our employees are encouraged to pursue their passions outside of work, and we are proud to offer them a variety of opportunities, multiple resources, and an agile work environment that promotes their well-being.

We are looking for a SOC and NOC Team Lead to join our fast-growing SOC/NOC fusion center. Who will focus on designing, building, maintaining and optimizing our SIEM, the different monitoring tools and state-of-the-art Threat Operations Centre initiatives and processes. You will be responsible for overseeing, managing, and directing daily security operations alerts, Operational alerts and incidents while using the most advanced security and monitoring tools.

You will work closely with many internal stakeholders and drive the vision and end-to-end execution of our worldwide security operations and observability. You will also lead our incident response to protect our company and customer data.

About the Role

Ensure 24/7 monitoring of security alerts and operational incidents by leading and managing a team of SOC and NOC analysts

Establish and enforce processes, procedures and workflows to detect, analyze, contain and eliminate incidents efficiently
Prepare incident response plans and playbooks for different types of operational and Security incidents
Communicate with stakeholders and resolve incidents both security and operational as part of incident response activities
Identify root causes of incidents and recommend corrective actions to prevent future ones
Optimize and configure security and observability tools to ensure comprehensive visibility and actionable insights across the entire environment.
Define key performance indicators (KPIs) for your security and operations monitor metrics
Prepare regular reports on SOC /NOC activities, incident trends and metrics for senior management and stakeholders

Responsibilities

Responsibilities

Lead a team of NOC and SOC analysts operating 24/7, ensuring real-time monitoring of network/system health, application performance, and security events.
Drive operational excellence in detecting, troubleshooting, and resolving infrastructure and connectivity issues (e.g., latency, packet loss, hardware failures, etc.).
Implement and maintain incident response protocols and playbooks for network outages, service degradations, and cybersecurity incidents.
Ensure coordination between IT, Infrastructure, Security, and DevOps during escalations and major incidents.
Own and evolve our observability stack: monitoring tools (e.g., Prometheus, Grafana), SIEM platforms, log aggregation, alerting systems.
Define KPIs for both network operations and security metrics (MTTR, SLA adherence, false positives, escalation rates).
Deliver reports and dashboards on incident trends, operational stability, and threat landscapes to management.
Lead post-incident reviews (PIRs), identifying root causes and preventive actions.
Requirements
Proven leadership experience in a SOC or related information security role
5+ years as a Security Operations Centre (SOC) analyst IR analyst or SOC Engineer
Hands-on capabilities - research and leading incident response teams
Deep understanding of network troubleshooting, TCP/IP stack, DNS, VPNs, routing, and connectivity issues.
Strong working knowledge of Linux systems, including command-line tools and system logs.
Strong analytical and problem-solving abilities, with keen attention to detail
Experience in building a SOC team, including staffing, recruitment, supervision, development and evaluations
Lead, mentor, and develop a high-performing security operations team, ensuring they have the necessary skills and resources
Strong foundation in cybersecurity principles, practices, and technologies; threat intelligence/intrusion detection/prevention systems
Continuous learning and adaptability; commitment and continuous learning and stay up to date with industry trends, emerging threats, security best practices
Passion for continuous learning and process improvement.
Experience with the following tools and technologies: Splunk, Sentinel, CrowdStrike, Grafana, AWS, Zabbix