<?xml version="1.0" encoding="UTF-8"?>
<source>
  <jobs>
    <job>
      <externalid>9f15a44c-cc5</externalid>
      <Title>Team Lead, SOC (Security Operations Center)</Title>
      <Description><![CDATA[<p>We are looking for a SOC (Security Operations Center) Team Lead to build and lead our SOC function end-to-end. You will own vulnerability management, alerting and detection engineering, incident response, and the security tooling/infrastructure that enable these missions.</p>
<p>Key responsibilities include:</p>
<p>• Leading and growing the team: Manage the SOC team, shape the roadmap, delegate effectively, and mentor engineers.</p>
<p>• Driving operations: Define vulnerability management processes and coordinate stakeholders for timely remediation. Design, implement, and operate SIEM/SOAR infrastructure (ingestion, normalization, correlation, alerting, playbooks). Specify logging requirements across our main stacks and centralize telemetry in the SIEM. Develop and tune correlation rules and detections; manage CTI intake and operationalize intel. Run continuous improvement to reduce false positives and raise signal quality. Establish crisp procedures for alert triage, escalation, and incident handling &amp; investigation. Lead incident communications with stakeholders and ensure thorough documentation.</p>
<p>• Engineering and enablement: Contribute to security tooling, automation, and integrations that speed up detection/response. Produce guidance and documentation for product/infra teams; contribute to compliance in the SOC perimeter.</p>
<p>• Exercises and assurance: Coordinate red/blue exercises, post-mortems, and targeted audits to validate coverage and resilience.</p>
<p>The ideal candidate will have 8+ years of experience leading SOC/CSIRT functions, with proven leadership. Hands-on experience with SIEM (e.g., Elastic Security, Sekoia, Splunk) and SOAR platforms is required. Strong experience in vulnerability management (e.g., DefectDojo, Dependency-Track) and remediation workflows is also necessary. Solid grasp of the cyber kill chain / attack lifecycle, detection engineering, and log source coverage is essential. Excellent problem-solving and communication skills are required, as well as the ability to operate in a fast-paced startup environment.</p>
]]></Description>
      <Jobtype>full-time</Jobtype>
      <Experiencelevel>senior</Experiencelevel>
      <Workarrangement>hybrid</Workarrangement>
      <Salaryrange></Salaryrange>
      <Skills>SIEM, SOAR, vulnerability management, incident response, security tooling, automation, integrations, cyber kill chain, attack lifecycle, detection engineering, log source coverage, scripting, Python, Bash, modern infra/app stacks, EDR/IDS/IPS, compliance frameworks, security audits/pen-tests</Skills>
      <Category>Engineering</Category>
      <Industry>Technology</Industry>
      <Employername>Mistral AI</Employername>
      <Employerlogo>https://logos.yubhub.co/mistral.ai.png</Employerlogo>
      <Employerdescription>Mistral AI provides high-performance, optimized, open-source and cutting-edge AI models, products and solutions.</Employerdescription>
      <Employerwebsite>https://mistral.ai</Employerwebsite>
      <Compensationcurrency></Compensationcurrency>
      <Compensationmin></Compensationmin>
      <Compensationmax></Compensationmax>
      <Applyto>https://jobs.lever.co/mistral/e0b55281-55c6-4143-9bf8-e4418c667f9f</Applyto>
      <Location>Paris</Location>
      <Country></Country>
      <Postedate>2026-04-17</Postedate>
    </job>
    <job>
      <externalid>3e75d44f-c7f</externalid>
      <Title>Team Lead, SOC (Security Operations Center)</Title>
      <Description><![CDATA[<p>About this role</p>
<p>We are looking for a SOC (Security Operations Center) Team Lead to build and lead our SOC function end-to-end. You will own vulnerability management, alerting and detection engineering, incident response, and the security tooling/infrastructure that enable these missions. You’ll define processes, collaborate closely with Product, Infra and IT, and continuously improve detection quality and response time.</p>
<p>Key responsibilities</p>
<p>• Lead &amp; grow the team: Manage the SOC team, shape the roadmap, delegate effectively, and mentor engineers.</p>
<p>• Drive operations:
    - Define vulnerability management processes and coordinate stakeholders for timely remediation.
    - Design, implement, and operate SIEM/SOAR infrastructure (ingestion, normalization, correlation, alerting, playbooks).
    - Specify logging requirements across our main stacks and centralize telemetry in the SIEM.
    - Develop and tune correlation rules and detections; manage CTI intake and operationalize intel.
    - Run continuous improvement to reduce false positives and raise signal quality.
    - Establish crisp procedures for alert triage, escalation, and incident handling &amp; investigation.
    - Lead incident communications with stakeholders and ensure thorough documentation.</p>
<p>• Engineering &amp; enablement:
    - Contribute to security tooling, automation, and integrations that speed up detection/response.
    - Produce guidance and documentation for product/infra teams; contribute to compliance in the SOC perimeter.</p>
<p>• Exercises &amp; assurance:
    - Coordinate red/blue exercises, post-mortems, and targeted audits to validate coverage and resilience.</p>
<p>Requirements</p>
<p>• 8+ years of experience leading SOC/CSIRT functions, with proven leadership.</p>
<p>• Hands-on with SIEM (e.g., Elastic Security, Sekoia, Splunk) and SOAR platforms.</p>
<p>• Strong experience in vulnerability management (e.g., DefectDojo, Dependency-Track) and remediation workflows.</p>
<p>• Solid grasp of the cyber kill chain / attack lifecycle, detection engineering, and log source coverage.</p>
<p>• Excellent problem-solving and communication skills; able to operate in a fast-paced startup environment.</p>
<p>• Builder mindset: pragmatic, automation-oriented, comfortable with ambiguity and ownership.</p>
<p>Nice to have</p>
<p>• Bring scripting/automation skills (e.g., Python, Bash) for data pipelines/playbooks.</p>
<p>• Know modern infra/app stacks (Linux, containers, Kubernetes, cloud), EDR/IDS/IPS.</p>
<p>• Have exposure to compliance frameworks (ISO 27001, SOC 2) and security audits/pen-tests.</p>
<p>• Have run purple team exercises and measurable detection-coverage programs.</p>
<p>• Are comfortable partnering with Product/Platform teams and influencing roadmaps.</p>
]]></Description>
      <Jobtype>full-time</Jobtype>
      <Experiencelevel>senior</Experiencelevel>
      <Workarrangement>hybrid</Workarrangement>
      <Salaryrange></Salaryrange>
      <Skills>SIEM, SOAR, vulnerability management, remediation workflows, cyber kill chain, detection engineering, log source coverage, problem-solving, communication skills, scripting/automation skills, modern infra/app stacks, EDR/IDS/IPS, compliance frameworks, security audits/pen-tests, purple team exercises</Skills>
      <Category>Engineering</Category>
      <Industry>Technology</Industry>
      <Employername>Mistral AI</Employername>
      <Employerlogo></Employerlogo>
      <Employerdescription>Mistral AI provides a comprehensive AI platform for enterprise needs, integrating seamlessly into daily working life.</Employerdescription>
      <Employerwebsite>https://mistral.ai</Employerwebsite>
      <Compensationcurrency></Compensationcurrency>
      <Compensationmin></Compensationmin>
      <Compensationmax></Compensationmax>
      <Applyto>https://jobs.lever.co/mistral/e0b55281-55c6-4143-9bf8-e4418c667f9f</Applyto>
      <Location>Paris</Location>
      <Country></Country>
      <Postedate>2026-03-10</Postedate>
    </job>
  </jobs>
</source>