Chief Security Operations Center Manager

SOC Manager

• Oversee and lead a 24/7 global Security Operations Center (SOC), responsible for managing a team of security analysts, incident responders, and threat hunters.
• Define and enforce SOC service delivery standards, operational maturity objectives, and strategies for continuous improvement to optimize SOC performance.
• Ensure timely detection, investigation, and resolution of security incidents through efficient incident response processes.
• Develop, document, and optimize SOC workflows, operational processes, and response playbooks to enhance situational awareness and improve incident response times.
• Continuously review and fine-tune alerting logic, detection rules, and telemetry coverage across data sources to prevent security breaches.
• Track and report SOC performance metrics, ensuring adherence to defined SLAs and KPIs to measure success.
• Oversee the deployment, configuration, and tuning of SIEM, SOAR and XDR platforms to ensure optimal security posture.
• Direct advanced threat hunting activities using behavioral analytics and threat intelligence to identify and mitigate emerging threats.
• Manage the full incident response lifecycle, including containment, eradication, recovery, and lessons learned to continuously improve SOC operations.
• Lead post-incident reviews and root cause analyses to identify areas for improvement and implement corrective actions.
• Integrate internal and external threat intelligence feeds into SOC operations for enhanced situational awareness and improved incident response capabilities.
• Ensure SOC operations align with industry standards and frameworks (e.g., ISO 27001, NIST, PCI DSS) to maintain compliance and reduce risk.
• Support internal and external audits through evidence collection, documentation, and reporting to demonstrate SOC effectiveness.
• Mentor and coach SOC analysts to enhance technical skills and operational effectiveness through training and development programs.
• Define skill development paths in alignment with evolving threats and technologies to stay ahead of emerging risks.
• Conduct regular tabletop exercises and facilitate red/blue team simulations to validate SOC readiness and improve incident response capabilities.
• Provide regular reporting on SOC performance, key risk indicators, and threat posture to executive leadership to inform strategic decision-making.
• Act as a liaison between the SOC and IT, legal, compliance, and business units during incident response and strategic planning to ensure seamless collaboration.

Requirements

• Education: Bachelor's or Master's degree in Computer Science, Cybersecurity, or Information Technology to provide a strong foundation in security principles and practices.
• Experience: Minimum of 8 years of experience in cybersecurity, with at least 3 years in a SOC leadership role to possess relevant expertise and leadership skills.

Skills

• Extensive hands-on experience with SIEM platforms, including log analysis, rule creation, correlation tuning, and administrative functions to manage and analyze security data effectively.
• Proficiency with cybersecurity tools and technologies, including Kali Linux, IDS/IPS systems, firewalls, threat intelligence platforms, XDR, SOAR, UEBA solutions, and security automation tools to leverage existing security infrastructure and improve incident response capabilities.
• Strong analytical and problem-solving abilities to identify and resolve complex security issues efficiently.
• Passion for information security and data protection, with a continuous learning mindset to stay up-to-date with emerging threats and technologies.
• High attention to detail, with strong organizational and documentation skills to maintain accurate records and ensure effective communication.
• Excellent troubleshooting skills to quickly identify and resolve security incidents.
• Effective communication skills, both written and verbal, to collaborate with cross-functional teams and stakeholders.
• Self-motivated and proactive, capable of working independently and collaboratively across cross-functional teams to achieve common goals.
• Proven leadership and team management capabilities to inspire and motivate team members to deliver high-quality results.
• Excellent verbal and written communication to present ideas clearly and persuasively.
• Strategic and analytical mindset with the ability to prioritize tasks in high-pressure situations to make informed decisions quickly.

Tools

• Web Application Firewalls
• SIEM and XDR
• Firewall and Network Security
• Threat detection, IDS/IPS
• Infrastructure DDOS protection
• Center for Internet Security benchmark
• Malware detection
• Endpoint Detection and Response
• Vulnerability Assessment and Management
• Identity and Access Management
• Data Loss Prevention
• Network Access Control
• Anti-virus and Anti-malware
• Syslog
• Layer 7 DDOS protection
• User and Entity Behavior Analytics
• Network Traffic Analysis
• Threat intelligence platform
• Incident response platforms
• Security Orchestration, Automation, and Response
• Phishing Simulation and Awareness
• Endpoint security
• Log management
• CTEM XM Cyber
• Kali Linux