We are looking for a highly skilled and experienced Tech Lead - (Advanced Analytics) to lead the design, implementation, and optimization of Security Operations Centre (SOC) technologies for our clients. As a Tech Lead, you will be responsible not only for technical delivery but also for providing leadership, mentorship, and strategic guidance across multiple engagements.
You'll work on cutting-edge solutions across SIEM, SOAR, TIP, UEBA, Data Streaming, BAS platforms, and more, while aligning them with business and security objectives. This role requires a strong technical background, hands-on experience, and the ability to drive cross-functional collaboration in complex enterprise environments.
Key Responsibilities
1. Technical Leadership & Strategy
- Lead end-to-end delivery of SOC technology implementations and integrations across on-prem, hybrid, and multi-cloud environments.
- Translate complex business and security requirements into scalable and effective technical solutions.
- Provide thought leadership in evolving SOC architectures, use cases, and detection strategies.
- Guide the adoption of DevSecOps and CI/CD methodologies for scalable deployment and management of cybersecurity solutions.
2. Solution Design & Implementation
- Architect and implement cybersecurity technologies including SIEM, SOAR, TIP, UEBA, BAS, Data Streaming tools, and integrations with Ensign's AI/ML & Threat Intelligence platforms.
- Ensure customization and seamless integration tailored to each client's security operations.
- Develop and enforce detection-as-code and automation frameworks for efficient security operations.
3. Threat Detection, Automation & Response
- Lead the creation of advanced detection logic, response workflows, and automated playbooks.
- Collaborate with data scientists and threat analysts to improve threat models and content tuning.
- Design and drive adoption of Detection-as-Code frameworks and automated incident response solutions.
4. Client Engagement & Pre-Sales Support
- Act as the Subject Matter Expert (SME) during pre-sales, proof-of-value (POV), and solutioning workshops.
- Provide guidance on SOC maturity, tool selection, integration roadmap, and operational best practices.
- Support vulnerability management, threat modeling, and platform optimization in client environments.
5. Documentation, Mentorship & Knowledge Sharing
- Maintain comprehensive technical documentation, design guides, and operational runbooks.
- Mentor and upskill junior consultants and engineers on SOC technologies and implementation methodologies.
- Contribute to internal knowledge bases and lead internal capability development initiatives.
Requirements
- Bachelor's Degree in Information Technology or Cyber Security.
- Professional certificates such as SANS or ISC2 would be advantageous.
- At least 10 years of IT security experience, with hands-on experience across a wide range of cyber-security technologies.
- Working experience with technologies such as Splunk, Elastic, Sentinel, XSOAR, Exabeam, Anomali, Cribl, Confluent, Mandiant MSV, Cymulate, AttackIQ or equivalent is preferred.
- Working experience with DevSecOps practices and tools (CI/CD, GitLab, Ansible, Chef, etc.) or cloud (AWS, Azure, GCP) environments is preferred.
- Strong understanding of cybersecurity principles and best practices.
- Experience as a technical lead in large-scale projects involving multiple technologies as part of a turn-key solution.
- Strong troubleshooting and analytical skills, able to resolve issues as the final point of escalation.
- Strong presentation, communication, and written skills.
- Proven people management and project management skills.
- Positive working attitude.
- Passionate about information security.