Skip to main content
Posted 16 July, 2026

Security Operations Center (SOC) Lead (Tier III)

Arista Networks
Bengaluru,Karnataka,India Full Time
Reference: 74_381470_744000137880549

Company Description

Arista Networks is an industry leader in data-driven, client-to-cloud networking for large data center, campus and routing environments. Arista is a well-established and profitable company with over $9 billion in revenue. Arista's award-winning platforms, ranging in Ethernet speeds up to 800G bits per second, redefine scalability, agility, and resilience. Arista is a founding member of the Ultra Ethernet consortium. We have shipped over 20 million cloud networking ports worldwide with CloudVision and EOS, an advanced network operating system. Arista is committed to open standards, and its products are available worldwide directly and through partners.

At Arista, we value the diversity of thought and perspectives each employee brings. We believe fostering an inclusive environment where individuals from various backgrounds and experiences feel welcome is essential for driving creativity and innovation.

Our commitment to excellence has earned us several prestigious awards, such as the Great Place to Work Survey for Best Engineering Team and Best Company for Diversity, Compensation, and Work-Life Balance. At Arista, we take pride in our track record of success and strive to maintain the highest quality and performance standards in everything we do.

Job Description

Who You'll Work With

As the Tier III SOC Lead, you will report directly to the Sr. Security Manager of Security Operations while managing and mentoring a remote team of junior and mid-level SOC analysts. On a daily basis, you will collaborate closely with the Incident Response (IR) team to hand off escalated critical threats, partner with cross-functional IT and infrastructure teams to deploy remediation strategies, and coordinate with detection engineering peers to architect sophisticated queries using tools like CrowdStrike.

What You'll Do

We are seeking a highly experienced and strategic Security Operations Center (SOC) Lead to spearhead our dynamic, remote cybersecurity team. The ideal candidate is a subject matter expert and technical leader with a protagonist track record of resolving complex security incidents and providing high-level technical guidance.

In this Tier III role, you will provide leadership and mentorship to the SOC team, ensuring the effective resolution of the most critical threats across Mac, Linux, and Windows environments. We are looking for a professional who drives technical excellence, mentors junior staff, and leverages deep expertise in CrowdStrike Query Language (CQL) to architect sophisticated detection strategies that protect our organization's global assets.

Key Responsibilities:

  • Lead and mentor a team of junior and mid-level SOC analysts, fostering professional growth and technical proficiency.
  • Drive resolution for high-priority and critical security incidents, acting as the primary technical point of escalation.
  • Oversee and strategize proactive threat-hunting operations and detection engineering workflows.
  • Monitor and triage security alerts.
  • Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems.
  • Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities.
  • Perform proactive threat hunting using the SIEM and EDR features.
  • Investigate and respond to incidents swiftly, following established incident response protocols.
  • Document findings clearly and provide actionable remediation recommendations.
  • Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities.
  • Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning.
  • Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability.
  • Escalate confirmed or suspicious incidents and cases to the Incident Response team.

Qualifications

Experience:

  • 6-8+ years in a SOC environment with significant experience in advanced incident response and leadership roles.
  • Proven experience in mentoring technical staff and leading small to mid-sized security teams.
  • Hands-on experience with CrowdStrike (or other EDR), triaging security incidents.
  • Proven ability to write CQL (or similar) queries and build detections for threat monitoring.
  • Experience triaging alerts in a high-volume environment.
  • Experience with threat intelligence feeds, platform and OSINT tools (VirusTotal, etc.)
  • Familiarity with forensic analysis and evidence handling.

Skills and Attributes:

  • Exceptional critical thinking and analytical skills to address complex security challenges.
  • Self-starter with a proven ability to take initiative and deliver results independently.
  • Driven mindset, thriving in fast-paced, high-pressure remote work environments.
  • Strong understanding of cybersecurity principles, threat landscapes, and attack vectors.
  • Proficiency in analyzing logs, network traffic, and endpoint data using CrowdStrike Next-Gen SIEM, particularly for Mac and Linux systems (Windows experience a plus).
  • Solid knowledge of incident response processes and methodologies.
  • Familiarity with operating systems, with primary expertise in Mac and Linux, and secondary knowledge of Windows.
  • High attention to detail and ability to make sound decisions under pressure.
  • Demonstrated commitment to continuous learning and professional development in cybersecurity.

Nice-to-Have:

  • Experience leading large-scale security projects and contributing to the strategic development of security roadmaps.
  • Proficiency in scripting (e.g., Python) for automating SOC workflows.
  • Experience creating playbooks in Crowdstrike Fusion SOAR (or similar SOAR)
  • Knowledge of cloud security (GCP, AWS, and or Azure).
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).

Additional Information

Arista stands out as an engineering-centric company. Our leadership, including founders and engineering managers, are all engineers who understand sound software engineering principles and the importance of doing things right.

We hire globally into our diverse team. At Arista, engineers have complete ownership of their projects. Our management structure is flat and streamlined, and software engineering is led by those who understand it best. We prioritize the development and utilization of test automation tools.

Our engineers have access to every part of the company, providing opportunities to work across various domains. Arista is headquartered in Santa Clara, California, with development offices in Australia, Canada, India, Ireland, and the US. We consider all our R&D centers equal in stature.

Join us to shape the future of networking and be part of a culture that values invention, quality, respect, and fun.

Sign up for Job Alerts