SOC Manager(Job No 998)

• Lead and manage the SOC team, including L1, L2, and L3 analysts, incident responders, threat hunters, and engineers.
• Define SOC strategy, roadmap, KPIs, and performance metrics aligned with the organization’s security objectives.
• Act as the escalation point for major security incidents and executive communication.
• Ensure 24x7 monitoring of security events, alerts, and incidents across SIEM, SOAR, EDR, NDR, UEBA, and cloud environments.
• Oversee incident response procedures including detection, containment, remediation, and recovery.
• Continuously improve SOC processes, including playbooks, runbooks, and workflows.
• Track and report SOC KPIs such as MTTR, SLA adherence, false positive rate, and threat coverage.
• Prepare regular reports for senior leadership and support internal/external audits.
• Ensure SOC operations comply with regulatory and industry standards (e.g., ISO 27001, NIST, DESC ISR, NESA).
• Hire, train, mentor, and retain high-performing SOC staff.
• Foster collaboration between SOC, threat intel, engineering, and IT teams.
• Lead regular incident simulation exercises (tabletops, red/blue/purple team drills).
• Work closely with the engineering team to manage and optimize SOC tools (e.g., SIEM like Splunk/QRadar, SOAR, EDR, threat intel platforms).
• Evaluate and recommend new tools and technologies to enhance threat detection and automation.

Qualifications:

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or a related field.
• 7–10 years of experience in cybersecurity, with 3–5 years in SOC leadership or management roles.
• Experience managing 24x7 SOC teams in enterprise or MSSP/MDR environments.
• Strong understanding of modern security threats, detection techniques, and SOC operations.
• Hands-on knowledge of SIEM, SOAR, EDR, NDR, threat intelligence, cloud security (AWS/Azure), and MITRE ATT&CK.
• Exceptional incident management, decision-making, and crisis communication skills.
• CISSP, CISM, GIAC (GCIA, GCIH, GCFA), or equivalent.
• ITIL or PMP for operational and project management experience.