About the Role
The Senior SOC Analyst and Team Lead is the most critical hire in this operation. You are the anchor of the day shift, the primary escalation point for evening and night analysts, and the direct interface to Redfox Cybersecurity's operations team. While your core task is monitoring and alert triage using the Argus platform, you also own shift quality, alert threshold tuning, and ensuring all escalations reach Redfox Cybersecurity within agreed SLA windows. This role requires someone who can operate independently, make fast decisions under pressure, and maintain consistent documentation standards.
Key Responsibilities
- Lead the day shift and act as the primary point of contact for Redfox Cybersecurity's SOC and operations team
- Monitor the Argus dashboard continuously, reviewing AI-correlated alerts, trust score changes, and endpoint anomalies across 2,000 endpoints
- Triage incoming alerts escalated from Argus SOAR automation, determining severity and required action
- Escalate P1 and P2 incidents to Redfox Cybersecurity within defined SLA thresholds (15 minutes for P1, 1 hour for P2)
- Act as on-call escalation for evening and night shift analysts when they encounter incidents beyond their authority
- Tune Argus alert thresholds, suppression rules, and playbook triggers to reduce false positives and noise
- Produce and review shift handover reports at the end of each shift using Argus exported summaries
- Mentor and guide junior analysts on triage procedures, documentation standards, and escalation protocols
- Maintain runbooks and standard operating procedures for common alert types
- Participate in weekly service review calls with Redfox Cybersecurity's delivery team
Requirements
- Minimum 3-5 years of SOC or security operations experience
- Demonstrated experience with SIEM platforms (Argus, Splunk, QRadar, Microsoft Sentinel, or equivalent)
- Solid understanding of SOAR concepts and automated playbook-driven response
- Strong knowledge of endpoint threats: malware, ransomware, lateral movement, phishing, and credential attacks
- Familiarity with alert triage methodologies and incident severity classification frameworks
- Experience working to SLAs in a managed service or MSSP environment is strongly preferred
- Excellent written communication for shift documentation and Redfox Cybersecurity escalation reports
- Ability to remain calm under pressure and make rapid, accurate escalation decisions
- Understanding of MITRE ATT&CK framework for threat classification
Nice to Have
- CompTIA Security+, CySA+, or equivalent certification
- Experience with Argus by Genix Cyber or similar XDR/TDIR platforms
- Exposure to compliance frameworks: ISO 27001, PCI DSS, NESA, or NCA
- Prior experience in a subcontracted or white-label SOC delivery model
Performance Indicators
Your performance in this role will be measured against the following indicators:
- P1 escalation to Redfox Cybersecurity within 15 minutes, 100% of the time
- P2 escalation within 1 hour, 95% of the time
- Shift handover report completed and sent before shift end, every day
- False positive rate on escalations kept below 10%
- Junior analyst satisfaction and quality of shift coverage
About the Operation
This role is part of a Managed Security Operations Centre (MSOC) delivering 24/7 monitoring services to Redfox Cybersecurity, a CREST-certified premium cybersecurity provider serving enterprises, government bodies, and critical national infrastructure across the UK, UAE, and GCC region.
Our MSOC is powered by Argus by Genix Cyber, an intelligent TDIR and CTEM platform that combines real-time threat detection, AI-powered analytics, SOAR automation, built-in SIEM, and endpoint security into a single unified platform. Analysts in this team benefit from significant automation support, allowing them to focus on high-value triage and escalation rather than routine noise processing.
This is a monitoring and escalation operation. Investigation, containment, and remediation are handled by Redfox Cybersecurity's expert team. Our commitment is to ensure no significant event goes undetected and no escalation is missed within the agreed service window.
Pay: ₹500,000.00 - ₹800,000.00 per year
Work Location: In person