Lead and oversee 24x7 SOC operations ensuring effective monitoring and timely response to security events. Own the end-to-end incident response lifecycle including detection, containment, eradication, recovery, and post‑incident review. Act as the primary escalation point for high severity P1 and P2 cybersecurity incidents. Ensure incidents are handled within defined SLAs, playbooks, and escalation frameworks.

Ensure optimal configuration, tuning, and operational effectiveness of security tools including SIEM, SOAR, EDR/XDR, NDR, and UEBA. Oversee development and enhancement of use cases, detection rules, and alert correlation logic. Lead proactive threat hunting and continuous monitoring activities aligned with emerging threat landscapes. Ensure SOC practices align with MITRE ATT&CK, threat intelligence feeds, and industry best practices.