SOC Lead - Cyber Security Operations

India, Bangalore · Employment contract · Job Posted June 03, 2026

Job Description

We are seeking an experienced SOC Lead to head Vodafone’s Security Operations Centre (SOC) as part of Cyber Defence Operations (CDO). This role is accountable for the end-to-end delivery of SOC monitoring and response services across markets, ensuring consistent, high-quality detection and incident response in a 24x7 environment. The role combines operational leadership, deep technical expertise, and a strong transformation mindset, with a particular focus on embedding automation and AI-driven capabilities into live SOC operations. Acting as a bridge between operational excellence and SOC modernisation, the individual will ensure that new capabilities are effectively adopted, governed, and optimised to strengthen Vodafone’s global cyber defence posture.

Job Responsibility

  • Lead and manage 24x7 SOC operations, ensuring consistent, high-quality alert monitoring, triage, and incident response across all markets
  • Own and drive SOC service performance against key KPIs including MTTT, MTTR, triage quality, and SLA adherence, delivering measurable improvements in detection quality, response speed, and efficiency
  • Oversee the full alert lifecycle, ensuring accurate investigation, containment, escalation, and high-quality incident reporting
  • Continuously enhance detection capabilities by improving SIEM use cases, alert logic, and playbooks, reducing false positives and increasing coverage across priority threat scenarios
  • Drive the adoption of automation, SOAR, and AI-assisted capabilities to improve speed, consistency, and scalability, with appropriate governance and human oversight
  • Lead SOC transformation initiatives focused on reducing alert fatigue, streamlining workflows, and improving analyst productivity
  • Build, coach, and develop a high-performing SOC team through structured capability development, performance management, and knowledge sharing
  • Act as the final escalation point for complex or high-risk incidents, applying expert judgement to validate and close cases
  • Deliver clear, data-driven SOC performance and incident reporting to senior leadership
  • Foster a culture of continuous improvement through post-incident reviews, detection retrospectives, and operational learning

Requirements

  • 8+ years in security operations, including at least 4 years in a SOC leadership or senior incident response role
  • Proven leader of 24x7 SOC teams, with a strong track record of improving MTTT/MTTR, triage quality, and operational performance
  • Technical authority in incident response, capable of leading complex investigations and making sound decisions under pressure
  • Highly experienced with SIEM platforms such as Splunk, Microsoft Sentinel, Google SecOps, ArcSight, or QRadar, and familiar with EDR/NDR technologies
  • Skilled in driving SOC automation, SOAR, and AI-enabled capabilities, with a clear understanding of governance and responsible use
  • Knowledgeable across network, endpoint, and cloud security, with a strong grasp of attacker techniques and the MITRE ATT&CK framework
  • Analytical decision-maker who balances risk, speed, and business impact in ambiguous situations
  • Passionate about developing people and building sustainable SOC capability for the future
  • Educated to degree level in Cyber Security, Computer Science, Information Technology, or a related discipline (or equivalent practical experience)
  • Holder of relevant certifications such as GIAC, CISSP, or vendor-specific SOC certifications
  • Committed to continuous learning, innovation, and contribution to the wider security community

Nice to have

Interest in or exposure to AI/ML in security

What we offer

  • The opportunity to lead a globally impactful SOC function within a recognised Cyber Defence Centre of Excellence
  • Exposure to large-scale, complex cyber defence operations across multiple international markets
  • The chance to shape and influence the future of SOC operations through automation and AI-driven transformation
  • A collaborative, inclusive environment that supports professional growth and continuous learning
  • The ability to work with advanced security technologies and experienced cyber defence professionals

Similar Jobs for SOC Lead - Cyber Security Operations (8 matching positions)

Cyber Security Soc Analyst

The SOC Analyst (L1/L2) and Lead are responsible for proactive monitoring, detec...
Location: India, Chennai
Salary: Not provided
Company: Sopra Steria
Expiration Date: Until further notice
Requirements
  • Strong knowledge of SIEM platforms and alert investigation
  • Advanced incident response, malware analysis, and RCA expertise
  • Deep knowledge of endpoint and network security tools
  • Threat hunting and forensic investigation capabilities
  • Familiarity with vulnerability management and DLP/email security
  • Experience with threat intelligence platforms and TTP mapping
  • Strong analytical, communication, and documentation skills
  • Guide development of SOC procedures/runbooks and continuous improvement initiatives
  • Administer DLP and email security systems
  • Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps
Job Responsibility
  • Proactive monitoring, detection, investigation, and response to security threats using industry-leading solutions
  • Guide and architect SOC workflows and systems to ensure robust organizational security
  • Threat hunting and forensic investigation
  • Administer DLP and email security systems
  • Operate Microsoft Defender for Endpoint, conduct threat hunting via EDR telemetry and memory dumps
  • Use, configure, and optimize SIEM tools (Splunk, IBM QRadar, Microsoft Sentinel, LogRhythm, ArcSight, Elastic SIEM) for threat identification and alert management
  • Guide development of SOC procedures/runbooks and continuous improvement initiatives
  • Leadership and team management
What we offer
  • Inclusive and respectful work environment
  • Positions open to people with disabilities
  • Fulltime

SOC Operations Manager

This is an exceptional opportunity to lead, shape, and elevate a Security Operat...
Location: United Kingdom, Hemel Hempstead
Salary: 80000.00 - 90000.00 GBP / Year
Company: Fynity
Expiration Date: Until further notice
Requirements
  • Proven experience leading SOC operations in a 24×7 or multi-client environment
  • Strong background in incident management, threat detection, and escalation processes
  • Technical depth across SIEM/SOAR tooling, preferably Splunk or Microsoft Sentinel
  • A passion for developing teams — coaching analysts and building collaborative, high-performing cultures
  • Strong understanding of frameworks and standards such as NIST, MITRE ATT&CK, ISO 27001, CREST, and ITIL
  • Excellent communication skills, with the ability to translate technical risks into clear business impacts
  • Security Clearance – Willing and Able to go through the DV process
  • Have held budgetary responsibility
Job Responsibility
  • Lead and develop a skilled SOC team, inspiring a culture of continuous learning and technical excellence
  • Oversee the full lifecycle of security incidents — from detection through to resolution and review
  • Manage and optimise SIEM and SOAR platforms (Splunk, Sentinel, Elastic) to enhance detection and automation capabilities
  • Drive continuous improvement through ITIL-aligned processes and adherence to CREST standards
  • Oversee vulnerability management, threat intelligence, and incident response plans
  • Communicate security posture, risks, and incident outcomes clearly to senior stakeholders
  • Ensure operational readiness and contribute to maintaining industry accreditations
  • Fulltime

Telemetry Operations Leader

The Telemetry Operations Leader drives the operational backbone of the Telemetry...
Location: United States, Multiple Locations
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response OR equivalent experience
  • Candidates must be able to meet Microsoft, customer and/or government security screening requirements; these are required for this role
  • Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Own day-to-day operations for telemetry access, brokering, curation, and monitoring, ensuring the function consistently meets SLA/SLO targets and service expectations across clouds, tenants, and data types
  • Maintain and evolve predictable access pathways, reducing friction points and handoffs for analysts and engineers
  • Drive operational excellence through structured inspection rhythms, backlog transparency, and standardization of request types and service catalog items
  • Oversee the end‑to‑end intake → triage → greenlight → delivery pipeline for telemetry requests, ensuring the highest‑impact datasets and access paths are prioritized
  • Partner with upstream service teams to broker access accurately, escalate gaps, and drive engineering follow‑through when generation is required
  • Ensure prioritization decisions are transparent, value‑driven, and communicated broadly across the cyber defense ecosystem
  • Lead the development and operationalization of monitoring frameworks for telemetry coverage, data freshness, critical failures, and dependency health
  • Own dashboards and reporting for service health, cycle time, request volumes, SLA adherence, and failure clusters
  • Ensure rapid escalation paths for critical telemetry failures to technical owners
  • Systematize the operating model for data discovery, access, brokering, and curation
  • Fulltime

Principal Security Operations Engineer - Systems Architect

The Cloud & AI organization accelerates Microsoft’s mission and ambitions to ens...
Location: United States, Redmond
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements; these are required for this role
  • These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft background and Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
  • Own the TCB security architecture: threat model key trust boundaries, define target states, and codify compensating controls
  • Lead risk identification & key results frameworks: quantify breach paths, set objective success criteria, and measure risk residuals
  • Architect isolation patterns (identities, secrets, network paths, compute/storage seams) and drive enforcement with engineering owners
  • Design telemetry baselines and validation loops (coverage, quality, retention) to support operations, and close gaps with productized pipelines
  • Run burndown campaigns: prioritize work, produce decision docs, sequence mitigations, and hold the line on SLAs
  • Fulltime

Gaming Principal, Cloud Threat Detection & Incident Response Engineer

We are seeking a Gaming Principal, Cloud Threat Detection & Incident Response En...
Location: United States, Multiple Locations
Salary: 139900.00 - 274800.00 USD / Year
Company: Microsoft Corporation
Expiration Date: Until further notice
Requirements
  • Doctorate in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 6+ years experience in software development lifecycle, large-scale computing, threat modeling, cyber security, anomaly detection, Security Operations Center (SOC) detection, threat analytics, security incident and event management (SIEM), information technology (IT), or operations incident response
  • OR equivalent experience
Job Responsibility
  • Architect and drive Gaming’s cloud-first detection and response vision by integrating Azure, AWS, and GCP (Google Cloud Platform) native security services and telemetry sources into TDIR (Threat Detection, Investigation, and Response) workflows
  • Lead adoption and optimization of Microsoft Defender for Cloud, Sentinel, Entra ID security, Defender for Cloud Apps, and other cloud-native security controls
  • Establish standards and reference architectures for cloud telemetry ingestion, normalization, enrichment, and threat analytics across diverse studio environments
  • Build and maintain high-fidelity, cloud-native detections targeting threat actors across identity, SaaS, PaaS, IaaS, and Kubernetes environments
  • Develop behavioral detections leveraging KQL (Kusto Query Language), automation, analytics, and ML-assisted methodologies
  • Partner with threat intelligence to map adversary TTPs (Tactics, Techniques, and Procedures) to cloud control surfaces and turn insights into durable detection engineering roadmaps
  • Serve as principal technical authority during major cloud-related incidents, providing expert guidance on identity compromise, lateral movement, key/material theft, resource manipulation, and multi-cloud attack paths
  • Formalize standards for cloud investigations, including telemetry requirements, visibility gaps, and automated triage workflows
  • Drive post-incident cloud hardening by influencing product teams, studio engineering, and platform owners
  • Architect and implement automation for detection deployment, evidence collection, containment, and remediation using Azure Functions, Logic Apps, and modern SOAR patterns
  • Fulltime

Security Operations Engineer

Axis, part of AxisCLC is a national property maintenance and compliance partner,...
Location: United Kingdom
Salary: 55000.00 - 65000.00 GBP / Year
Company: 360 Resourcing Solutions
Expiration Date: Until further notice
Requirements
  • Hands-on experience operating Microsoft 365 security tools and Microsoft Azure
  • Practical experience investigating security alerts and responding to incidents
  • Experience working with ticketing systems to manage security incidents and requests
  • Strong troubleshooting skills and the ability to remain calm under pressure
  • Experience working collaboratively with third-party security partners or SOC providers
  • Ability to produce clear incident reports and maintain operational documentation
  • Strong communication skills, with the ability to explain technical issues to non-technical stakeholders
  • Proven experience working in an operational Security Operations Engineer role or similar cyber security position
Job Responsibility
  • Act as the primary operational point of contact for cyber security activity across the business
  • Monitor and operate Microsoft Defender for Endpoint, Defender for Cloud Apps, Defender for Office 365 and Azure Sentinel
  • Investigate security alerts and suspicious activity, coordinating incident response with our Security Operations Partner
  • Support the management of high and critical severity security incidents from detection through to resolution
  • Provide hands-on operational support to the Cyber Security Lead during major incidents
  • Conduct proactive threat hunting and analyse logs and telemetry to identify indicators of compromise
  • Tune detection rules to reduce false positives and improve detection effectiveness
  • Identify gaps in security coverage and recommend and implement improvements to controls and processes
  • Develop and maintain security automation, including Sentinel playbooks and automated workflows
  • Work with the Infrastructure Team to ensure endpoints are patched and configured in line with best practice
What we offer
  • Pension and life assurance
  • 25 days’ annual leave plus bank holidays
  • Hybrid working from our Stratford, East London office
  • Opportunities to develop technical skills and progress within Group IT
  • Supportive, collaborative team environment within a growing cyber security function
  • Fulltime

Supervisor, Cyber Operations

Georgia System Operations Corporation (GSOC) is a non-profit cooperative that op...
Location: United States, Tucker, Georgia
Salary: 124200.00 - 155200.00 USD / Year
Company: Georgia System Operations
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Cyber Security, Computer Science or Engineering, Information Technology, or a related field
  • Requires 10 or more years of experience with increasing responsibilities
  • At least 3 years of experience must be in a cyber security role
  • Must also have experience with technical writing
  • Experience leading, motivating, and developing a team of IT/OT professionals, preferably in a SOC environment
  • Experience in asset and change management principles and practices
  • Strong technical knowledge and experience with cyber security platforms, applications, tools, and industry best practices
  • Excellent written and verbal communication skills, including the ability to clearly explain technical issues to both technical and non-technical stakeholders
  • Experience working in regulated environments such as NERC CIP or others is highly desired
  • Equivalent Experience: Associate's Degree in Engineering, Engineering Technology, or Business, with at least 12 years of experience, with increasing responsibility, in electronic maintenance, cyber security, and/or information technology as described above. At least 5 years' experience must be in a cyber security role
Job Responsibility
  • Manage OT security event monitoring alert response, initial triage, and escalation
  • Manage OT access provisioning and revocation of accounts and roles required for CIP systems, data, and applications
  • Manage OT vulnerability management and threat intelligence programs
  • Manage OT asset management program for Bulk Electric System Cyber Systems and Assets
  • Evaluate emerging technologies and assess their applicability to various cyber programs
  • Collaborate with cross-functional teams, including operations and maintenance, engineering, audit, and IT, to ensure compliance with NERC CIP standards and other cyber programs
  • Provide technical guidance and mentorship to Security Operations analysts and PSOC/NOC (Physical Security Operations Center/Network Operations Center) operators
  • Supervision and performance management of staff, support of the processes and technology necessary for team effectiveness, and coordination of activities with other teams and departments within the FOC
  • Lead efforts to develop cyber programs, processes and activities that meet strategic business and security objectives and enable uninterrupted business and operations activities
  • Provide work direction and technical assistance to analysts in the Security Operations department. Take a hands-on role in mentoring, coaching, and developing other team members
What we offer
  • Comprehensive medical, dental, and vision coverage
  • A strong retirement program
  • Career development
  • Flexible work schedules
  • Fulltime

Asia Cyber Security Operations Lead

Citigroup seeks an experienced, proactive, and innovative Asia Cybersecurity Ope...
Location: Singapore, Singapore
Salary: Not provided
Company: Citi
Expiration Date: Until further notice
Requirements
  • 15+ years of experience in cybersecurity and financial services
  • Demonstrated leadership experience within security operations or similar functions
  • Proven track record of contributing to and managing security operations and supporting transformative change
  • Strong understanding of the cyber threat landscape, attack vectors, and mitigation strategies
  • Expertise in aspects of Security Operations Centers (SOC), Incident Response, Hunting Operations, Threat Defense, Penetration Testing, Vulnerability Management, Red Team operations, threat intelligence, and cybersecurity models
  • Strong communication, interpersonal, and team collaboration skills, with the ability to operate effectively across diverse regional cultures
  • Ability to work effectively in a fast-paced, high-pressure environment
  • Cybersecurity Leadership: Demonstrated ability to lead and motivate cybersecurity teams, manage projects, and contribute to strategic direction under pressure across multiple functions (SOC, Offensive Security, VM, Fusion Center)
  • Strategic Thinking: Capacity to assist in developing and implementing comprehensive Cybersecurity strategy aligned with business objectives and industry best practices across the JANA and Asia South regions
  • Transformation & Innovation: Experience supporting large-scale cyber and digital transformations, fostering a culture of innovation and continuous improvement
Job Responsibility
  • Contribute to and manage aspects of Cybersecurity Incident Response and Crisis Management within the JANA and Asia South regions
  • Oversee Hunting Operations and Threat Defense initiatives to proactively identify and neutralize threats
  • Lead and manage Penetration Testing, Vulnerability Management, and Red Team activities within the cluster
  • Support Third-party incident response and management processes
  • Assist in Critical Vulnerability response and remediation initiatives
  • Participate in and lead specific Cyber Exercises Program activities
  • Contribute to Cyber Threat Intelligence efforts and analysis
  • Support Cyber Data Analytics and reporting for regional operations
  • Assist in the development and implementation of Cybersecurity risk mitigation programs
  • Pro-actively support the Global Head in evolving the Cyber Fusion function and other cybersecurity operational capabilities, contributing to the development and implementation of a comprehensive strategy aligned with Citigroup's business enablement & efficiency objectives and security posture within the JANA and Asia South regions
  • Fulltime