Short company description
BIT SENTINEL is one of the leading companies in Central and Eastern Europe providing Managed Cyber Security services, Offensive Security, Compliance, and Cyber Range Services.
The BIT SENTINEL Security Operation Center (BSS-CERT) is an effective and efficient solution designed, operated, and managed by experienced and certified security specialists providing offensive and defensive capabilities through the detection, analysis, and remediation of cyber threats.
Since it was founded, the BIT SENTINEL team has focused on providing premium, high-quality offensive security services such as advanced black box and white box penetration testing, application code review, forensics, and incident response.
BSS-CERT is one of the first professional SOC-as-a-Service offerings available to customers across all major verticals and industries who need comprehensive monitoring, detection, response, and threat intelligence capabilities.
The Security Operation Center currently operates during normal business hours in Bucharest, Romania, with the capability to extend to 24/7 monitoring depending on customers' needs. Moreover, our team of engineers has a 24/7 on-call SLA response outside of standard business hours.
Duties and Responsibilities
The SOC Team Lead at BSS-CERT oversees the operational activities of the Security Operations Center (SOC), ensuring effective monitoring, analysis, and response to cybersecurity incidents. The role leads the team to meet performance goals, optimizes processes, and maintains communication with senior management and clients so that evolving cyber threats are addressed effectively.
- Operationally coordinates the SOC team.
- Proposes key performance metrics and indicators for the SOC team to the SOC Manager.
- Assesses the operational performance of the SOC team by monitoring agreed-upon key performance indicators with the SOC Manager.
- Oversees the analysis and accuracy of security alerts managed by monitoring systems (e.g., SIEM, EDR).
- Ensures cybersecurity incidents are investigated correctly and efficiently by the team.
- Coordinates incident response activities and ensures proper adherence to incident response procedures.
- Acts as an escalation point within the team for cybersecurity incidents and/or alerts investigated by team members.
- Prepares detailed reports on cybersecurity incidents and/or investigations conducted by the team, upon request by the SOC Manager.
- Participates in post-incident activities, including impact analysis and recommendations to avoid future similar situations.
- Contributes to creating and updating internal procedures and instructions for handling security alerts and incidents.
- Contributes to selecting, implementing, and updating SOC technologies and tools to effectively address evolving threats.
- Maintains effective communication with senior management, providing relevant information about SOC security status and challenges.
- Participates in recurring project management meetings with Bit Sentinel clients.
Requirements and Qualifications
- Minimum of 3 years of experience in cybersecurity, specializing in one of the following: Cybersecurity Incident Response (IR) or Security Monitoring (e.g., eyes-on-glass, MDR).
- At least 3 years of experience working with cybersecurity solutions such as SIEM and EDR.
- At least 2 years of work experience in a similar role (team leader or SOC team coordination).
- Proven experience and ability to provide technical coordination for SOC teams.
- Strong leadership skills to guide subordinates toward performance and professional success.
- Excellent understanding of concepts such as Security Operations Center (SOC) and Computer Security Incident Response Team (CSIRT).
- Knowledge of cybersecurity standards related to incident response, such as NIST SP800-61r1, SP800-61r2, SANS PICERL, etc.
- Experience in operationalizing and developing SOC-specific processes (procedures, work instructions, etc.).
- Experience in cyber threat analysis, identifying threat actor specifics, and proposing remediation measures.
- Experience in using and configuring security systems and applications for data collection, analysis, contextualization, and cyber threat reporting.
- Proficiency in English (written and spoken).
Good to have
- Experience with state and configuration automation tools such as Ansible
- Knowledge of building and deploying with container tools: Docker container management and registries, Kubernetes management
- Previous knowledge of reverse engineering and malware analysis
- Experience with systems development, systems administration and/or network administration
- University degree from an accredited college or university, or equivalent
- Previous experience with raw log file review, data correlation, and analysis, as well as with network security tools, network traffic analyzers, firewall logs, network flows, intrusion detection systems, system logs, memory dumps, vulnerability management, SOAR platforms, SIEM, especially Elastic SIEM, and other Enterprise / Open Source equivalents.
- Good knowledge of Bash (Unix shell) scripting, Python, and PowerShell
Benefits package
- Premium Private health insurance for you and one family member
- Meal tickets
- Professional and friendly working environment
- Professional development through specific training/certification, with a yearly budget, depending on the level of experience and expertise
- Excellent job perspective for the future
- An exciting career in a dynamic, growing organization with a very diverse portfolio
- Work from Home options available
- Attractive compensation package: fixed salary along with a performance-related bonus scheme of rewards and incentives
- Seasonal team building activities
- Gift vouchers
- And many more
Other info
Besides providing cybersecurity services and advisory for companies from different sectors such as Energy, Fintech, Healthcare, Real Estate, Retail, Ecommerce, Online, Startups, Blockchain, and Critical Infrastructures, we are also proud of:
- CyberEDU, a spin-off of Bit Sentinel – a next-gen cyber range as a service which is being used to host UNbreakable Romania, the National Cyber Security Olympics and the Romanian Cyber Security Challenge, while providing hands-on training and labs for Universities & Companies
- Phish Enterprise, a spin-off of Bit Sentinel – empower employees with cybersecurity training and phishing simulations to defend against cyber threats
- Participating in CYRESRANGE: Cyber Ranges Resiliency Networks
- Participating in ECYBRIDGE: strengthening synergies in defence and civilian cybersecurity
- Participating in the RESISTO project: an innovative solution for holistic situation awareness and enhanced resilience of Communication Critical Infrastructures
- Technical coordinator for the National Phase & Selection of National Teams of European Cyber Security Challenge, one of the most important cybersecurity competitions from Europe
- Developer and Technical Coordinator of the Business Internet Security Threat Map, a technology developed by us for Orange Romania that presents a high-level visualization of the data gathered from the Orange Romania Business Internet Security agents deployed across Romania
For CV or any other inquiries, please send us an email at [email protected].