Team Lead – Cybersecurity (GRC & SOC)

We are seeking a highly skilled and proactive Team Lead – Cybersecurity with a strong focus on Governance, Risk & Compliance (GRC) and Security Operations Center (SOC) functions. The ideal candidate will be responsible for leading cybersecurity operations, ensuring regulatory compliance, managing organizational risk, and overseeing real-time threat detection and response.

This role requires a strategic thinker with hands-on technical expertise who can bridge the gap between compliance frameworks and operational security.

Key Responsibilities

Leadership & Strategy

• Lead and mentor the cybersecurity team across GRC and SOC functions.
• Define and implement cybersecurity strategies aligned with business objectives.
• Establish security governance frameworks, policies, and procedures.
• Act as the primary point of contact for cybersecurity initiatives and escalations.

Governance, Risk & Compliance (GRC)

• Develop, implement, and maintain information security policies, standards, and controls.
• Ensure compliance with international standards such as ISO 27001, NIST, and CIS frameworks.
• Conduct risk assessments, gap analysis, and risk treatment planning.
• Manage internal and external audits, including regulatory and client compliance requirements.
• Oversee third-party/vendor risk assessments and security due diligence.

Security Operations (SOC)

• Oversee daily SOC operations including monitoring, alert triaging, and incident response.
• Manage and optimize SIEM, SOAR, EDR/XDR, and threat intelligence platforms.
• Lead incident investigation, root cause analysis, and remediation efforts.
• Develop and maintain incident response plans, playbooks, and runbooks.
• Ensure continuous improvement of detection use cases and threat-hunting capabilities.

Risk Management & Incident Handling

• Identify, assess, and prioritize cybersecurity risks across the organization.
• Lead incident response activities and coordinate with internal and external stakeholders.
• Conduct post-incident reviews and implement corrective/preventive actions.

Reporting & Stakeholder Management

• Prepare and present security reports, dashboards, and risk posture to senior management.
• Collaborate with IT, DevOps, Legal, and Compliance teams to ensure integrated security practices.
• Provide security awareness and training programs across the organization.

Required Qualifications & Skills

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
• 6–9 years of experience in cybersecurity with strong exposure to both GRC and SOC environments.
• Hands-on experience with SIEM tools (e.g., Splunk, QRadar, Microsoft Sentinel).
• Strong understanding of security frameworks (ISO 27001, NIST, CIS Controls).
• Experience in risk management, compliance audits, and policy development.
• Solid knowledge of incident response, threat detection, and vulnerability management.
• Leadership experience managing technical teams.

Preferred Certifications

• CISSP, CISM, or CISA
• ISO 27001 Lead Implementer / Lead Auditor
• CEH, CompTIA Security+, or equivalent
• Microsoft Security / Azure Security certifications (preferred)

Key Competencies

• Strong analytical and problem-solving skills
• Leadership and team management
• Excellent communication and stakeholder management
• Decision-making under pressure
• High level of integrity and accountability