Team Lead, CSOC
About the role
For over 25 years, Global Relay has set the standard in enterprise information archiving with industry-leading cloud archiving, surveillance, eDiscovery, and analytics solutions. We securely capture and preserve the communications data of the world's most highly regulated firms, giving them greater visibility and control over their information and ensuring compliance with stringent regulations.

Though we offer competitive compensation and benefits and all the other perks one would expect from an established company, we are not your typical technology company. Global Relay is a career-building company. A place for big ideas. New challenges. Groundbreaking innovation. It's a place where you can genuinely make an impact - and be recognized for it.

We believe great businesses thrive on diversity, inclusion, and the contributions of all employees. To that end, we recruit candidates from different backgrounds and foster a work environment that encourages employees to collaborate and learn from each other, completely free of barriers.

Your role: The Information Security Team Lead for the Cyber Security Operations Center (CSOC) leads a team of Cyber Security Specialists and serves as the primary escalation point for security events and incidents. You will provide technical expertise, oversee front-line defense activities, and drive continuous improvement of CSOC processes and tools in collaboration with the Cyber Engineering team.
Responsibilities
- Lead daily CSOC operations, mentoring analysts through security investigations, incident response, and complex escalations.
- Coordinate shift handovers and ensure documentation and continuity across global CSOC operations.
- Operate, monitor, and optimize security tools including SIEM, EDR, IDS/IPS, threat intel, and vulnerability management platforms.
- Develop playbooks and escalation procedures to improve CSOC efficiency and maturity.
- Support the Cyber Security Manager with KPI dashboards, threat metrics, and incident reporting.
- Assist with security audits, policy enforcement, firewall changes, and security awareness initiatives.
- Lead team development activities including hiring, training, performance appraisals, and regular team meetings.
About you
- 2-5 years of hands-on security operations experience, including familiarity with firewalls, SIEM, EDR, IDS/IPS, antivirus, and network hardening.
- 1-2 years managing technical teams.
- Experience with real-time incident handling, root cause analysis, and escalation.
- Familiarity with MITRE ATT&CK, ISO 27001, SOC 2, and FedRAMP frameworks.
- Security certification required (CISSP preferred).
- Strong written and verbal communication skills; experience with ITIL-based ticketing systems.
- Knowledge of scripting or automation tools (e.g. Python) is an asset.
- Availability for after-hours escalations and flexibility across UK, US, and Canada time zones.