SOC Lead

At our brand-new Shared Business Platform (SBP) in Bucharest, we offer a dynamic environment where career growth is actively supported through internal mobility, globally recognized certifications, and continuous professional development. We value work–life balance, offering flexible work arrangements, and wellbeing initiatives that help you thrive both personally and professionally.

Now, let's explore this exciting opportunity so that you can be part of our mission.

A SOC Lead is responsible for assisting SOC analysts, leading the SOC Level 3 team, and conducting advanced technical investigations. This role involves working closely with the SOC Manager and other teams, such as IT and risk management, to ensure that the organization's security posture is maintained at a high level. The SOC Lead plays a crucial role in protecting the organization's assets and information from cyber threats by guiding analysts and coordinating complex incident responses.

As a SOC Lead, you will be responsible for assisting SOC analysts in monitoring, detecting, and responding to security incidents from various sources, including user-reported alerts (fraud attempts/phishing) and events raised by SIEM. You will lead the analysis of security events to identify cyber threats to the SCOR Information System and investigate their root causes. Your role will involve coordinating and executing security tasks with various IT teams and leading Incident Response, including communication of alerts, containment, remediation, and resolution action plans. Additionally, you will be responsible for developing and maintaining Standard Operating Procedures (SOPs) and playbooks to ensure consistent and effective security operations.

Key Responsibilities:

• Assist SOC analysts in monitoring and analyzing security events to detect cyber threats.
• Lead the response to security incidents and investigate root causes.
• Coordinate security tasks with IT teams.
• Lead Incident Response and follow up on remediation actions.
• Develop and maintain threat intelligence.
• Conduct Threat Hunting.
• Conduct forensic activities as needed.
• Develop and maintain SOPs and playbooks.
• Provide guidance and mentorship to SOC analysts.
• Lead Internal Pentest activity.

Key duties and responsibilities

Security Monitoring and Analysis

• Assist SOC analysts in continuously monitoring security events and alerts from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Lead the analysis of security events to identify potential threats, vulnerabilities, and incidents.
  Develop and maintain Standard Operating Procedures (SOPs) and playbooks for alert response.

Incident Response

• Lead the response to security incidents promptly, including initial triage, containment, eradication, and recovery.
• Investigate the root causes of security incidents and document findings.
  Develop and maintain Standard Operating Procedures (SOPs) and playbooks for incident response.

Threat Intelligence and Hunting

• Develop and maintain threat intelligence to stay informed about emerging threats and vulnerabilities.
  Conduct proactive threat hunting to identify potential security risks within the network.

Collaboration and Coordination

• Work closely with IT and other relevant teams to coordinate security tasks and incident response efforts.
  Communicate effectively with stakeholders about security incidents and remediation actions. Provide guidance and mentorship to SOC analysts to enhance their skills and effectiveness.

Log Management

Analyze and correlate logs from various sources to detect suspicious activities.

Forensic Analysis

Conduct forensic analysis of compromised systems to understand the extent of the breach and gather evidence.

Internal Pentesting

• Conductand Lead internal pentesting activities.

Required experience & competencies

Must adhere our Key Security Principles and Team Values:

Security Principles: Defend the business, Support the business and promote responsible information security behavior.

Team values: Professionalism, Ethic, Transparency and Team Spirit.

Due to the evolution Cyber Risk, your expertise in Cyber Security is key for sharing your experience to support Technical and Functional teams to implement effective solutions and controls addressing increasing Cyber Threats.

Hard skills

• Strong background in Information and Cyber Security, including Security Operation Center
• Cross platform and technology knowledge
• Knowledge of information security-related technologies and products
• Investigation skills
• Computer/network forensics knowledge

Soft skills

• Effective interpersonal communication skills and ability to direct colleagues
• Presentation skills
  Ability to guide and mentor people

Required Education

Master degree in Computer Science or related field required

As a leading global reinsurer, SCOR offers its clients a diversified and innovative range of reinsurance and insurance solutions and services to control and manage risk. Applying "The Art & Science of Risk," SCOR uses its industry-recognized expertise and cutting-edge financial solutions to serve its clients and contribute to the welfare and resilience of society in around 160 countries worldwide.

Working at SCOR means engaging with some of the best minds in the industry – actuaries, data scientists, underwriters, risk modelers, engineers, and many others – as we work together to find solutions to pressing challenges facing societies.

As an international company, our common culture is defined by "The SCOR Way." Serving both to build momentum that drives the Group forward and as a compass to guide our actions and choices, The SCOR Way is anchored by five core values, reflecting the input of employees at all levels of the Group. We care about clients, people, and societies. We perform with integrity. We act with courage. We encourage open minds. And we thrive through collaboration.

SCOR supports inclusion and the diversity of talents, and all positions are open to people with disabilities.