Crypto.com
SOC Lead (Security Operations Center)
TLDR
Lead a multi-cloud, AI-enabled SOC with 24/7 operations, driving advanced investigations, automation, and incident response while mentoring a high-performance team.
Responsibilities:
24/7 Operational Oversight & Escalation – Design, build, and optimize the operational frameworks to support 24/7 monitoring. Serve as the critical escalation point, available to be paged to lead the response during high-impact security incidents.
Advanced Investigations – Lead comprehensive, deep-dive investigations across all threat vectors - including endpoint, network, email, and identity - with a primary focus on complex multi-cloud environments (AWS, Azure, GCP). Utilize CNAPP, EDR/XDR, and digital forensics tools to track sophisticated threat actors and reconstruct full-kill chain breaches.
AI & Automation Strategy – Architect and drive the roadmap for our agentic SOC. Oversee the development of autonomous AI-driven agents and optimize complex SOAR playbooks to minimize response times.
Technical Project Leadership – Lead SOC initiatives focused on optimizing EDR platforms, enhancing Email Security Gateways, and driving proactive threat-hunting campaigns. Partner with dedicated Detection and SIEM Engineering teams by contributing operational threat insights.
Incident Command & Response – Act as the technical Incident Commander during critical security events. Coordinate end-to-end incident response lifecycle tasks, making high-stakes decisions on mitigation and isolation.
Mentorship & Talent Development – Actively mentor and elevate the technical skillsets of SOC analysts. Establish continuous learning frameworks, conduct technical tabletop exercises, and build a culture of engineering excellence.
Requirements:
8+ years of hands-on experience in Information Security, with at least 3+ years in a senior or lead technical capacity within a SOC or Incident Response team.
Proven experience building or managing operational structures for 24/7 monitoring and on-call rotations.
Deep technical mastery of modern security architectures, including EDR/XDR, Email Security Gateways, and Digital Forensics tools.
Strong expertise in Cloud Security Forensics across AWS, Azure, and GCP, alongside experience utilizing CNAPP platforms.
Strong programming and scripting skills (e.g., Python, Bash) to build custom API integrations and automation tooling.
Experience with AI-augmented engineering and workflows, utilizing LLM methodologies (such as Claude Code, Gemini, or Codex) to automate defensive operations.
Exceptional leadership capabilities with a track record of mentoring technical teams and managing high-stress incident scenarios.
Flexibility to be paged outside of standard business hours as the escalation point for high-impact incidents.
Crypto.com builds a comprehensive platform for finance and digital assets, offering services like crypto trading, credit cards, and loyalty programs aimed at both individual users and businesses. What makes us distinctive is our commitment to security and compliance while delivering a seamless mobile experience that integrates cutting-edge technology with practical functionality, driving the widespread adoption of cryptocurrency.
- Founded
- Founded 2016
- Employees
- 500+ employees
- Industry
- Internet Software & Services