Job Summary
We are seeking a highly experienced and results‑driven Principal Information Security Engineer SOC Lead to lead advanced cybersecurity operations, threat detection, and data protection initiatives. The ideal candidate will have deep expertise in SOC operations, SIEM, Microsoft XDR ecosystem, DLP, DevSecOps, and cloud security, with proven experience in leading teams, managing incidents, and strengthening enterprise security posture.
Key Responsibilities
- Security Operations & Incident Response: Lead Tier‑2 SOC operations, ensuring continuous monitoring and rapid response to security incidents. Perform in‑depth analysis of security alerts, logs, and threat intelligence feeds; conduct threat hunting using advanced tools such as Microsoft Defender XDR; lead incident response activities including root cause analysis and forensic investigations; ensure timely escalation and resolution of incidents in line with SLA requirements.
- SIEM, XDR & Security Monitoring: Design, deploy, and manage SIEM solutions (e.g., IBM QRadar, Microsoft Sentinel). Manage and optimize the Microsoft XDR stack (Defender for Endpoint, Defender for Identity, Defender for Cloud, Defender for O365). Develop and fine‑tune detection rules, use cases, and correlation logic; integrate threat intelligence feeds to enhance detection capabilities; maintain dashboards and reporting for management visibility.
- Data Loss Prevention & Compliance: Lead end‑to‑end DLP program, including strategy, deployment, and governance. Define and manage DLP policies, classification, and data protection controls; handle DLP incident investigations and remediation; ensure compliance with global data protection regulations (EU, US) and industry best practices; generate executive reports on DLP metrics, risks, and effectiveness.
- Cloud Security & DevSecOps: Monitor and secure cloud environments (Azure, AWS) using tools like Azure Monitor and AWS CloudWatch. Implement DevSecOps practices and integrate security into CI/CD pipelines. Conduct code reviews and vulnerability assessments for secure application deployment; secure microservices architecture through authentication, authorization, and encryption.
- Vulnerability Management & Security Testing: Perform vulnerability assessments and penetration testing (VAPT) to identify, assess, and remediate vulnerabilities across infrastructure and applications. Conduct risk assessments and recommend mitigation strategies.
- Security Tools & Infrastructure Management: Manage and optimize enterprise security tools, including Imperva WAF, CyberArk PAM, Microsoft Intune, Microsoft Purview, Fortinet Firewalls, VPNs, Forescout NAC, and Zscaler. Ensure continuous improvement, health checks, and performance optimization.
- Leadership & Collaboration: Lead and mentor SOC and DLP teams. Collaborate with IT, DevOps, and business stakeholders during incidents and projects. Manage vendor relationships and evaluate new security technologies. Support audits and regulatory compliance initiatives.
Skills & Qualifications
- Master’s or Bachelor’s degree in Information Security, Cybersecurity, or a related field.
- 6–10 years of experience in cybersecurity, SOC, or information security roles.
- Strong expertise in SIEM (QRadar, Sentinel), Microsoft XDR and Defender suite, DLP solutions (Forcepoint, Microsoft Purview), cloud security (Azure, AWS), and DevSecOps with CI/CD security.
- Hands‑on experience with WAF, PAM, EDR, XDR, firewalls, NAC, and Zero Trust solutions.
- Strong knowledge of networking, Active Directory, Linux, threat intelligence, incident response, and forensics.
- Excellent analytical, problem‑solving, and communication skills.