CrawlJobs Logo

Principal SOC Operations Lead

zerofox.com Logo

ZeroFox

Location Icon

Location:
India , Bengaluru

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a Principal SOC Operations Lead to join our Center of Excellence in Bengaluru. This is a senior operational role focused on analyst tradecraft, intelligence rigor, and consistent decision-making within a high-velocity SOC environment. As detection methods, data volume, and automation evolve, this role ensures that analyst reasoning, intelligence workflows, and escalation decisions remain structured, defensible, and aligned with best practices. The position works in close partnership with India-based leadership and global stakeholders including Product Management, Customer Success, Support, and Intelligence Services, serving as a senior practitioner who strengthens how intelligence is assessed, reasoned about, and acted upon at scale. This role is not about throughput. It is about how analysts think, how decisions are formed, and how tradecraft evolves without degradation as tooling and AI capabilities expand.

Job Responsibility:

  • Strengthen consistency and defensibility of SOC decision-making across analysts, shifts, and regions
  • Apply deep understanding of the intelligence cycle (collection, evaluation, analysis, dissemination) to operational workflows
  • Observe analyst reasoning patterns to identify cognitive inconsistencies, training opportunities, areas where workflows can better support structured thinking
  • Design and refine workflows that help diverse analysts arrive at consistent, explainable, and defensible outcomes
  • Partner with training and documentation teams to reinforce analytical tradecraft, improve how intelligence reasoning is taught and evaluated
  • Collect and analyze operational and analytical data to distinguish skill gaps vs system limitations, noise vs meaningful signal
  • Develop clear, evidence-based narratives that inform leadership, product, and engineering decisions
  • Partner with engineering and product teams to identify opportunities for ML/AI implementation
  • Serve as a senior operational reference during complex or ambiguous escalation scenarios
  • Monitor the operational ticketing and case-management systems to identify critical escalations, recurring themes, or emerging risks, and to ensure that support teams are equipped with clear guidance, documentation, and escalation paths to address customer and internal requests effectively
  • Maintain regular working-hour overlap with global stakeholders
  • flexibility outside standard hours may be required during periods of urgency

Requirements:

  • Bachelor’s degree or equivalent professional experience
  • advanced degree in intelligence, security studies, or a related field is a plus
  • 5+ years of experience in SOC operations, intelligence analysis, threat intelligence, or a comparable analytical environment
  • Demonstrated experience training, mentoring, or guiding analysts in structured analytical approaches
  • Experience working in scaled, high-volume SOC environments with diverse analyst populations
  • Proven ability to collaborate effectively with engineering, product, and training teams across time zones
  • Deep knowledge of SOC operations, intelligence analysis, and analytical tradecraft
  • Strong understanding of how analysts reason under uncertainty and time pressure
  • Ability to design workflows that support structured thinking and defensible decisions
  • Excellent written and verbal communication skills, particularly in explaining analytical reasoning
  • Strong data literacy with the ability to interpret analytical and operational metrics meaningfully
  • Comfort engaging with AI- and ML-driven systems from an analytical governance perspective
  • High degree of independence, judgment, and professional maturity
What we offer:
  • Competitive compensation
  • Community-driven culture with employee events
  • Generous time off
  • Best-in-class benefits
  • Fun, modern workspace
  • Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture

Additional Information:

Job Posted:
February 01, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
ZeroFox - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Principal SOC Operations Lead

Principal Cybersecurity Incident Response Analyst

Principal Cybersecurity Incident Response Analyst role at HPE's Cyber Defense Ce...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree (or equivalent work experience) required, preferably in computer science, engineering or related area of study
  • Typically 8+ years of relevant experience
  • SOC team/Incident response/Advanced threat analyst experience is required
  • Proven track record of leading complex cybersecurity initiatives and managing ambiguous incidents
  • Extensive understanding of adversary tactics, techniques, and procedures (TTPs)
  • Extensive Cyber and IT security knowledge
  • Extensive understanding of Cyber and IT security risks, best practices, threats and prevention measures
  • Extensive understanding of SQL and relevant scripting languages
  • Extensive data security system analysis skills
  • Extensive risk assessment and management skills
Job Responsibility
Job Responsibility
  • Lead and coordinate responses to the most severe and complex cybersecurity incidents
  • Guide cross-functional teams through containment, eradication, and recovery
  • Provide executive-level oversight and decision-making during critical incidents
  • Effectively analyze associated logs and respond to high severity incidents
  • Contribute to the company's security response methods
  • Mentor and provide technical guidance to less experienced cybersecurity professionals
  • Stay at the forefront of cybersecurity trends, threats, and technologies
  • Foster a culture of continuous improvement and innovation
  • Provide insight and guidance through after action reviews
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive benefits suite supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Principal Consultant – SOC Transformation and XSIAM Deployment

As a Principal Consultant for SOC Transformation & XSIAM Deployment, you will be...
Location
Location
United States , Austin
Salary
Salary:
163000.00 - 224500.00 USD / Year
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in modernizing Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Must be able to travel up to 30%
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy through to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation, collaborating with teams to implement solutions
  • Build and mentor high-performing professional services teams, fostering a culture of collaboration and accountability
  • Fulltime
Read More
Arrow Right

Principal Professional Services Engineer

The Customer Success team is critical to our customers and is a cornerstone of o...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree with 15 years of experience, or Master's degree with 12 years of experience, or PhD with 8 years of experience in a related field
  • Demonstrated experience running a Security Operations Center (SOC), with a proven track record of modernizing operations
  • Extensive hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • Deep expertise with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy through to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Proactively collaborate with Product and R&D teams to incorporate field insights into roadmap priorities, ensuring alignment on shared objectives
  • Transform ambiguity into structured action plans, driving accountability and ensuring all stakeholders follow through on commitments
  • Identify opportunities to simplify complex workflows and enhance analyst alert handling and response through automation
  • Fulltime
Read More
Arrow Right

Sr Principal Professional Services Engineer

As a Principal Consultant for SOC Transformation & XSIAM Deployment, you will be...
Location
Location
Germany , Berlin
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in modernizing Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders, with the ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
  • Relevant bachelor's degree or industry-recognized qualifications (CISSP, GIAC, etc.), is a plus
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities
Read More
Arrow Right

Principal Security Operations Engineer - Systems Architect

The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ens...
Location
Location
United States , Redmond
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls
  • Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals
  • Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners
  • Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines
  • Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs
  • Fulltime
Read More
Arrow Right

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location
Location
United States , Multiple Locations
Salary
Salary:
139900.00 - 274800.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime
Read More
Arrow Right

Engineer II - Cyber Incident Response

The Engineer II, Cyber Incident Response, is a mid-level technical role within t...
Location
Location
United States , Conshohocken; Frisco
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
March 23, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or equivalent work experience
  • Strong knowledge of cybersecurity fundamentals, incident response methodology, and adversary tactics
  • Familiarity with industry frameworks such as NIST, MITRE ATT&CK, and ISO 27035
  • 2–5 years of progressive experience in cybersecurity, with at least 2 years in SOC operations or incident response
  • Hands-on experience with SIEM, EDR, and forensic tools (e.g., Splunk, CrowdStrike, Wireshark)
  • Demonstrated ability to analyze logs, alerts, and artifacts to support incident investigations
  • Strong written and verbal communication skills for documenting findings and briefing stakeholders
Job Responsibility
Job Responsibility
  • Investigate and respond to cybersecurity incidents, including phishing, malware, ransomware, and unauthorized access attempts
  • Perform analysis of logs, alerts, and forensic data to determine the scope and impact of incidents
  • Escalate complex or high-severity incidents to Engineer III, Lead, or Principal staff, providing clear documentation and evidence
  • Assist in containment, eradication, and recovery activities during incident response
  • Contribute to the development and maintenance of SOC playbooks, runbooks, and standard operating procedures
  • Collaborate with threat intelligence, vulnerability management, and forensics teams to strengthen detection and response strategies
  • Participate in lessons-learned sessions and recommend improvements to SOC processes and tooling
  • Support junior analysts (Engineer I) by sharing knowledge and providing guidance on investigative techniques
What we offer
What we offer
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
  • Fulltime
!
Read More
Arrow Right

Principal Security Engineer

Transform security and compliance into a scalable, engineered capability for a f...
Location
Location
Sweden , Stockholm
Salary
Salary:
Not provided
inhouse.se Logo
Inhouse AB
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Several years of experience from a senior role within IT security
  • Experience building and redesigning systems, not just running them
  • Solid experience within cloud security and security architecture
  • Comfortable owning outcomes in regulated environments
  • Focused on turning frameworks into automated, continuously running controls
  • Curious by nature, motivated by improvement
  • Excited to use automation and AI to reduce friction and increase confidence
  • Comfortable operating close to technology while communicating clearly with stakeholders
  • Ability to translate technical risk into business impact
Job Responsibility
Job Responsibility
  • Define vision for security architecture & design: Act as lead architect for security roadmap, ensuring security-by-design is embedded across platform
  • Translate complex risks into engineering requirements
  • Drive modernization and automation: Own integration of guardrails into AWS, Terraform, and CI/CD pipelines
  • Leverage automation and AI to move away from manual checks toward continuous controls
  • Take governance, risk & compliance ownership: Own information security framework including ICT policies, BIA, and BCP/DR plans
  • Ensure operations align with global standards and regulations such as NIST, SOC 2, ISO 27001, GDPR, and DORA
  • Operational Resilience & Incident Leadership: Lead technical incident response efforts
  • Proactively enhance platform reliability
  • Mature observability and automation
  • Third-party & regulatory oversight: Oversee IT and BPO providers
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy