SOC team leader

Position: SOC Team Leader

Location: Central Israel

A leading organization is seeking an experienced and proactive SOC Team Leader to join its cybersecurity division. The ideal candidate will bring strong technical expertise, hands-on experience in managing cyber incidents, and proven leadership skills to guide a growing team of analysts.

Key Responsibilities:

• Lead a team of 8 analysts (6 Tier 1 and 2 Tier 2), including personal development plans, training, and mentoring.
• Oversee and manage cybersecurity incidents from identification to resolution.
• Monitor and respond to cyber threats such as phishing, DDoS, and other advanced threats.
• Operate and maintain security systems such as SIEM (mandatory), SOAR (advantage, especially Cortex XSOAR), Microsoft Defender, Azure Security, and others.
• Write incident response playbooks and automation processes.
• Conduct root cause analysis and post-incident reporting, including submissions to regulatory authorities.
• Build and enhance network architecture, especially when onboarding new clients or services.
• Collaborate closely with IT and DevOps teams for end-to-end incident containment and remediation.
• Ensure smooth operations under tight deadlines and support during off-hours in critical situations.

Required Qualifications:

• At least 2 years of experience as a Tier 2 SOC Analyst (Advanced level).
• Minimum 1 year of experience operating and maintaining SIEM systems (mandatory).
• Proven knowledge in cyber incident response and investigation, including threat hunting and playbook creation.
• Hands-on experience with security technologies such as AV, NAC, DLP, EDR, Firewalls, IPS, Sandbox, etc.
• Deep understanding and practical experience with Azure and AWS cloud environments.
• Strong background in IT operating systems (Linux & Windows), networking, and tools like SolarWinds and MAAS.
• Familiarity with network architecture in medium to large-scale environments (advantage).
• Excellent analytical and communication skills in both Hebrew and English.
• High self-learning ability, curiosity, and multitasking skills.
• Availability to support critical events outside regular working hours.

Preferred Skills:

• Experience with SOAR platforms (especially Cortex).
• Involvement in building or redesigning network topologies and security layers.
• Ability to make independent professional decisions and manage high-pressure situations.

Let me know if you'd like a version tailored to a LinkedIn post or one with a more concise tone.