SOC Team Lead / SOC Manager

Responsibilities: 

• Hiring and building a team of SOC Analysts (L1, L2, L3) from the ground up. 
• Leading and managing the SOC team and ensuring 24/7 operations. 
• Owning shift planning, SOC procedures, playbooks, and escalation protocols. 
• Acting as point of escalation for complex security incidents and investigations. 
• Defining and monitoring SOC KPIs and metrics (MTTD, MTTR, SLA compliance). 
• Collaborating with Threat Intelligence, Incident Response, IT and Cloud teams. 
• Driving tuning and improvements across SIEM, EDR/XDR, SOAR platforms. 
• Ensuring compliance with regulatory frameworks (ISO 27001, NIS2, etc.). 
• Helping with onboarding and continuous training of SOC staff. 

Must-haves: 

• Experience in security operations (SOC, CSIRT, MSSP) for 5+ years. 
• Experience in a SOC Team Lead, Deputy Manager, or shift-lead role for 1+ year.  Deep knowledge of security monitoring, detection, incident handling. 
• Experience with SIEM (e.g., Sentinel, Splunk, QRadar), EDR/XDR platforms. 
• Hands on experience with incident triage, forensics, and escalation. 
• Strong understanding of MITRE ATT&CK, cyber kill chain, detection logic. 
• Level of English – from Upper-Intermediate+ and above.

Andersen is hiring a SOC Team Lead / SOC Manager in Poland to build and lead a Security Operations Center, defining processes, tools, and workflows to ensure effective security monitoring and incident response. 

Andersen is a pre-IPO software development company that provides a full cycle of services, following project management standards and best practices. For over 19 years, we have been helping enterprises and middle-sized firms transform their businesses by creating effective digital solutions using innovative technologies. 

The project is focused on building and leading a Security Operations Center from scratch, including designing SOC processes, tools, and workflows to ensure effective monitoring, detection, and response to security incidents.