crypto - SOC Lead (Security Operations Center)

• 24/7 Operational Oversight & Escalation – Design, build, and optimize the operational frameworks to support 24/7 monitoring. Serve as the critical escalation point, available to be paged to lead the response during high-impact security incidents. • Advanced Investigations – Lead comprehensive, deep-dive investigations across all threat vectors - including endpoint, network, email, and identity - with a primary focus on complex multi-cloud environments (AWS, Azure, GCP). Utilize CNAPP, EDR/XDR, and digital forensics tools to track sophisticated threat actors and reconstruct full-kill chain breaches. • AI & Automation Strategy – Architect and drive the roadmap for our agentic SOC. Oversee the development of autonomous AI-driven agents and optimize complex SOAR playbooks to minimize response times. • Technical Project Leadership – Lead SOC initiatives focused on optimizing EDR platforms, enhancing Email Security Gateways, and driving proactive threat-hunting campaigns. Partner with dedicated Detection and SIEM Engineering teams by contributing operational threat insights. • Incident Command & Response – Act as the technical Incident Commander during critical security events. Coordinate end-to-end incident response lifecycle tasks, making high-stakes decisions on mitigation and isolation.