SOC Manager

Job Description:

• Lead and manage a 24/7 global Security Operations Center (SOC), overseeing a team of security analysts, incident responders, and threat hunters.
• Define and enforce SOC service delivery standards, operational maturity objectives, and strategies for continuous improvement.
• Ensure the timely detection, investigation, and resolution of security incidents.
• Develop, document, and optimize SOC workflows, operational processes, and response playbooks.
• Continuously review and fine-tune alerting logic, detection rules, and telemetry coverage across data sources.
• Track and report SOC performance metrics, ensuring adherence to defined SLAs and KPIs.
• Oversee the deployment, configuration, and tuning of SIEM, SOAR and XDR platforms.
• Direct advanced threat hunting activities using behavioral analytics and threat intelligence.
• Manage the full incident response lifecycle, including containment, eradication, recovery, and lessons learned.
• Lead post-incident reviews and root cause analyses to improve future response.
• Integrate internal and external threat intelligence feeds into SOC operations for enhanced situational awareness.
• Ensure SOC operations align with industry standards and frameworks (e.g., ISO 27001, NIST, PCI DSS).
• Support internal and external audits through evidence collection, documentation, and reporting.
• Mentor and coach SOC analysts to enhance technical skills and operational effectiveness.
• Define skill development paths in alignment with evolving threats and technologies.
• Conduct regular tabletop exercises and facilitate red/blue team simulations to validate SOC readiness.
• Provide regular reporting on SOC performance, key risk indicators, and threat posture to executive leadership.
• Act as a liaison between the SOC and IT, legal, compliance, and business units during incident response and strategic planning.

We are looking for

• Education: Bachelor's or Master's degree in Computer Science (Computer Science / Cybersecurity/ Information Technology)
• Experience: Minimum of 8 years of experience in cybersecurity, with at least 3 years in a SOC leadership role.

Skills

• Extensive hands-on experience with SIEM platforms, including log analysis, rule creation, correlation tuning, and administrative functions.
• Proficiency with cybersecurity tools and technologies, including Kali Linux, IDS/IPS systems, firewalls, threat intelligence platforms, XDR, SOAR, UEBA solutions, and security automation tools.
• Strong analytical and problem-solving abilities.
• Passion for information security and data protection, with a continuous learning mindset.
• High attention to detail, with strong organizational and documentation skills.
• Excellent troubleshooting skills.
• Effective communication skills, both written and verbal.
• Self-motivated and proactive, capable of working independently and collaboratively across cross-functional teams.
• Proven leadership and team management capabilities.
• Excellent verbal and written communication.
• Strategic and analytical mindset with the ability to prioritize tasks in high-pressure situations

Tools

• Web Application Firewalls
• SIEM and XDR
• Firewall and Network Security
• Threat detection, IDS/IPS
• Infrastructure DDOS protection
• Center for Internet Security benchmark
• Malware detection
• Endpoint Detection and Response
• Vulnerability Assessment and Management
• Identity and Access Management
• Data Loss Prevention
• Network Access Control
• Anti-virus and Anti-malware
• Syslog
• Layer 7 DDOS protection
• User and Entity Behavior Analytics
• Network Traffic Analysis
• Threat intelligence platform
• Incident response platforms
• Security Orchestration, Automation, and Response
• Phishing Simulation and Awareness
• Endpoint security
• Log management
• CTEM XM Cyber
• Kali Linux