Team Lead - Tier 2 SOC Analysts

Zagreb, Croatia
full-time

AI overview

Lead a team of security specialists in a dynamic SOC environment, focusing on team development and process optimization to enhance incident response quality.

Your Mission

As Team Lead for Tier 2 SOC Analysts, you will be a critical link between the global operational level (Tier 1) and advanced security functions (Tier 3, Incident Response, Cyber Threat Intelligence). You will lead a team of specialists who analyze security events daily, investigate threats, and ensure fast, precise, and high-quality escalation of critical incidents to higher-level support.

Your focus will be on team development and motivation, improving detection quality, and optimizing processes within our global 24/7 SOC environment.

What You’ll Do

  • Organize and manage the daily workflow and priorities of the team – plan capacity, schedules, and coordinate activities.
  • Participate in hiring, evaluating, and developing team members, contributing to a skilled and motivated SOC community.
  • Guide and oversee the incident investigation and handling process, from initial analysis to validation and effective escalation to the Tier 3 Incident Response team, ensuring a fast and clear flow of information.
  • Mentor and support SOC analysts, developing their technical and analytical skills, and lead onboarding of new members to ensure smooth and effective integration.
  • Contribute to the development and continuous optimization of Use Cases and Playbooks, ensuring they remain up-to-date and consistently applied in daily SOC operations.
  • Actively participate in improving SOC processes, detection rules, and tools, working closely with the SOC Manager and global teams to continuously raise efficiency and accuracy.
  • Serve as a key link between the global Tier 1 team and higher SOC functions (Tier 3, Threat Intelligence, Incident Response), ensuring smooth information flow, standardized escalation, and high-quality response to security events.
  • Turn data into insights – through regular reports and analyses, demonstrate how your team improves detection, reduces false positives, and increases SOC effectiveness week by week.

What We Expect

  • Experience in cybersecurity, SOC, or Incident Response (preferably 4+ years), with a willingness to take on a leadership role and mentor others (formal managerial experience not required, but a leadership mindset is essential).
  • Advanced understanding of network protocols, operating systems, SIEM tools, threat analysis, and good knowledge of the MITRE ATT&CK framework.
  • Proficiency in English (written and spoken).
  • Advantage: relevant certifications (Security+, CySA+, CASP+, Blue Team Level 2, etc.).

What We Offer

  • Work in a global SOC environment with advanced tools and technologies.
  • Participation in international projects.
  • Opportunity to reach your full potential and develop in your area of responsibility.
  • Continuous development and advancement through industry-relevant certifications and internal/external training/workshops.
  • Learning and sharing experiences with well-known and respected experts in the field of information/cybersecurity.
  • Positive, motivating, international work environment with a clear focus on quality and growth.
  • Hybrid work – office work + work from home.
  • Flexible working hours.
  • Additional and supplementary health insurance packages.
  • Multisport membership.
  • Pet-friendly office.
  • Social events and team bonding gatherings.
  • Compensation package consisting of a base and a bonus part, competitive in the market.

We are one of the leading providers of information security services for companies, institutions, and other organizations. We have been operating since 2007 and are headquartered in Zagreb, Croatia. We protect clients from security threats that can cause theft of confidential information, financial losses, and reputational damage. We provide services and develop products and solutions so that our users reach their desired level of security.
