SOC Delivery Lead

SOC Delivery Lead

Location: Riyadh, Saudi Arabia
Employment Type: Full-time

Role Overview

We are seeking an experienced and dynamic SOC Delivery Lead to oversee the delivery of Security Operations Center (SOC) services for our clients. This role is responsible for leading technical teams, ensuring high-quality service delivery, and driving continuous improvement in cyber defense operations. The ideal candidate will have a strong background in SOC management, incident response, and stakeholder engagement.

Key Responsibilities

• Lead and manage SOC teams (analysts, incident responders, SIEM engineers) to deliver effective detection, response, and threat intelligence services.

• Oversee the implementation and optimization of SIEM, EDR, NDR, and SOAR platforms (e.g., Splunk, Sentinel, LogRhythm).

• Ensure timely and accurate incident detection, investigation, containment, and remediation.

• Develop and maintain SOC processes, playbooks, and operational documentation aligned with industry frameworks (MITRE ATT&CK, NIST, ISO 27001/27035).

• Drive continuous improvement initiatives, including use-case development, automation, and integration of new technologies.

• Collaborate with clients, internal stakeholders, and third-party vendors to ensure service excellence and client satisfaction.

• Provide coaching, mentoring, and professional development for SOC team members.

• Prepare and deliver reports, metrics, and executive briefings on SOC performance and threat landscape.

• Support compliance and audit activities, ensuring SOC operations meet regulatory and contractual requirements.

Required Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (Master’s preferred).

• 8+ years of experience in cybersecurity, with at least 3 years in SOC leadership or management roles.

• Proven experience managing SOC teams and delivering complex cyber defense services.

• Hands-on expertise with SIEM, EDR, NDR, and SOAR platforms.

• Strong understanding of incident response, threat intelligence, and vulnerability management.

• Excellent communication, leadership, and stakeholder management skills.

• Relevant certifications (e.g., CISSP, CISM, GCIA, GCIH, SANS, ISO 27001) are highly desirable.

Preferred Skills

• Experience in banking, government, or critical infrastructure sectors.

• Familiarity with cloud security operations (AWS, Azure, GCP).

• Project management and service delivery experience.

• Ability to work in a fast-paced, client-facing environment.