Team Lead, Security Operations Center, Cyber Risk

We are looking for an experienced SOC Team Lead to join our thriving Cyber Team. 

This role will be remote in the UK

Day-to-day responsibilities: 

• Management: to hire, on-board, train, develop and motivate a team of top-tier SOC Analysts. To inspire, lead and mentor team members.
• Strategy: to be the subject matter expert when it comes to SOC team development and evolution – road-mapping a scalable plan for continued growth.
• Domain knowledge: to contribute to overall company strategy through awareness of current and evolving industry trends and threats.
• Communication: to regularly provide clear and concise reports and presentations to clients, partners, the SOC and the executive team.
• Collaboration: working in positive partnership with other teams at Kroll.
• Carry out in-depth investigations on security events, raise incidents and support the Incident Management process. 
• Provide remote incident response activities and advice to support customers during and immediately after security incidents.
• Maintain and improve SIEM correlation rules and Endpoint Protection detections.
• Supporting multiple customer environments concurrently.
• Other duties as assigned.

• Essential traits: 
• Extensive experience of working with a variety of the more popular SIEM and EDR tools.
• Business fluent English is required for customer interactions, internal communication, and collaboration. Excellent influencing skills – written, verbal and interpersonal communication, delivering complex ideas around a technical topic with speed and clarity to an experienced or inexperienced audience.
• Self-motivated with a positive, passionate attitude and a sense of fun - an entrepreneurial spirit, who can provide proactive, creative solutions proving an ability to “think on your feet”.
• Minimum 5 years of working in a SOC with experience leading teams, preferably in a commercial environment rather than a single entity SOC. 
• Has a passion for security and enjoys solving problems.
• Good knowledge of Cyber Security Incident Response processes & procedures.
• Excellent knowledge on the fundamentals of Windows and Unix systems.
• Good understanding of host forensics, memory forensics and network forensics.
• In-depth knowledge of the security threat landscape.
• Knowledge of various security methodologies and processes, and technical security solutions.
• Knowledge of TCP/IP Protocols, network analysis, and network/security applications.
• Knowledge of investigation techniques to determine security incidents.
• Ability to multi-task, prioritize, and manage time effectively.
• Strong attention to detail.
• Excellent interpersonal skills and professional demeanour.
• Industry standard certifications such as: CREST CRT, CREST CCT, OSCP, GCFA, GNFA, GREM.

Desirable

• Bachelor’s degree in a related field or equivalent experience and knowledge
• Experience of working in an MSSP/MDR SOC environment.

About Kroll 

Join the global leader in risk and financial advisory solutions—Kroll. With a nearly century-long legacy, we blend trusted expertise with cutting-edge technology to navigate and redefine industry complexities. As a part of One Team, One Kroll, you'll contribute to a collaborative and empowering environment, propelling your career to new heights. Ready to build, protect, restore and maximize our clients’ value? Your journey begins with Kroll. 

Kroll is committed to equal opportunity and diversity, and recruits people based on merit. 

In order to be considered for a position, you must formally apply via careers.kroll.com.  

#LI-Remote

#LI-TM1