About the Role

We are hiring on behalf of a client for a SOC Lead role based in Romania.

This is an onsite leadership role focused on managing high-quality security monitoring and incident response operations across multiple customer environments. The role will serve as the primary escalation point for complex incidents while mentoring analysts, improving SOC operations, and driving continuous improvements across detection, automation, and response processes.

About the Company

Our client is a cybersecurity company focused on helping organizations reduce exploitable risk through exposure-driven security operations and managed detection and response services.

They operate globally with distributed teams across the United States, Mexico, Romania, and the Philippines, delivering executive-level risk reduction programs and operational cybersecurity services.

Key Responsibilities

SOC Operations & Incident Response

• Ensure continuous, high-quality security monitoring and incident response across assigned customers

• Maintain awareness of alert queues, workloads, and analyst capacity

• Step in during spikes, escalations, or high-severity incidents

• Act as the primary escalation point for complex or high-impact incidents

• Lead investigations through containment, remediation guidance, and customer communication

• Ensure incidents are handled according to runbooks and SLAs

Service Quality & Process Improvement

• Own the quality of SOC output and customer-facing deliverables

• Review tickets for accuracy, clarity, and risk articulation

• Conduct QA reviews and drive corrective actions

• Maintain and improve SOC workflows, runbooks, and SOPs

• Identify operational inefficiencies and propose improvements

Leadership & Mentorship

• Mentor and coach SOC Analysts on investigations and documentation standards

• Support onboarding and cross-training initiatives

• Identify skill gaps and training needs within the SOC team

Detection Engineering & Automation

• Partner with Detection Engineering to tune detections and reduce false positives

• Collaborate with Engineering teams to validate SOC automations before rollout

• Ensure operational usability of new tooling and technologies

Reporting & Metrics

• Track operational KPIs including SLA adherence, escalation accuracy, MTTT, and MTTR

• Provide insights on threat trends and SOC performance

• Contribute to customer reporting and operational reviews

Requirements

• 4+ years of Cyber Security experience

• At least 2+ years in a SOC, MSSP, or operational security environment

• 1+ years of leadership experience in security operations

• Experience with incident handling, threat analysis, and security monitoring across endpoint, network, and cloud environments

• Hands-on experience with SIEM platforms, rule tuning, and dashboard creation

• Strong analytical and problem-solving skills

• Ability to define and interpret SOC KPIs

• Strong written and verbal communication skills

• Ability to work in a fast-paced MSSP environment

• Passion for cybersecurity, emerging threats, and security technologies

Preferred Qualifications

• Experience with SOAR platforms and EDR solutions

• Familiarity with Elastic Stack (Elasticsearch, Kibana, Beats, Logstash)

• Experience with forensic analysis and post-incident reporting

• Exposure to vulnerability management, threat intelligence, scripting, or automation

• Familiarity with Red Team concepts or offensive security frameworks

• Bachelor’s degree in Computer Science, Cyber Security, Engineering, or related field

Role Details

• Location: Bucharest or Cluj Napoca, Romania

• Work Setup: Onsite

• Employment Type: Full-time

Pro5 is a global platform helping thousands of vetted professionals get hired by top employers. See what others say on our public Google Reviews and learn how we keep your data safe in our Trust Center.

Show more
Show less