Senior SOC Manager

Role & responsibilities

Incident Management and Response: •

Supervise the real-time monitoring and analysis of security incidents to identify and address threats effectively. • Employ advanced security tools and technologies, including SIEM, SOAR, TIP, and EDR, to improve incident detection and response. • Facilitate collaboration with internal and external stakeholders to address and resolve security incidents swiftly. • Develop and update incident response policies and procedures to enhance operational efficiency.

Leadership and Team Development:

• Lead and mentor a team of security analysts and incident responders, promoting a highperformance culture and providing ongoing support and development. • Formulate and execute strategies, policies, and procedures to optimize SOC and IR operations. • Encourage a collaborative, innovative, and learning-oriented environment within the team. • Should be good at defining & documenting technical architecture and Standard Operating Procedures (SOPs) • Develop and oversee the knowledge base, ensuring it remains current and accurate.

Emerging Threats and Strategic Analysis:

• Stay informed on emerging cybersecurity threats, vulnerabilities, and industry trends to integrate relevant threat intelligence into SOC operations. • Utilize threat intelligence platforms to proactively identify and address new threats and vulnerabilities. • Analyse security events using advanced tools and techniques and keep abreast of new cybersecurity technologies to evaluate their potential benefits for the organization.

Compliance and Reporting:

• Ensure adherence to regulatory, industry, and customer standards related to cybersecurity and incident management. • Prepare detailed reports and presentations for senior management, outlining the security landscape, incident statuses, and remediation progress. • Conduct regular service and business reviews to assess performance and provide insights on potential service enhancements.

Strategic Oversight:

• Develop and implement global SOC and IR strategies and processes that align with organizational needs. • Manage the global SOC and IR team, ensuring effective delivery and support of security services across different regions.

Preferred candidate profile

Bachelors or masters degree in computer science, Cybersecurity, or a related field.

• 12+ years of experience in security operations and incident response, with a focus on managing multiple delivery centers in different geographies.

• 5+ years of experience in a leadership role, managing SOC teams and programs globally.

• Experience working with or managing MSSP (Managed Security Service Provider) environments, including understanding their operational models

• Proven experience in developing and implementing SOC and IR strategies and processes.

• Strong knowledge of SOC and IR tools and technologies, such as SIEM, EDR, and incident response playbooks.

• Experience with incident response, including triage, containment, investigation, and recovery. • Knowledge of cyber threats and attack techniques, as well as relevant legal and regulatory frameworks.

• Excellent communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.

• Strong analytical and problem-solving skills, with the ability to identify and resolve complex technical issues.

• Should have good understanding of ITIL process

Certifications

• Certified Information Security Manager (CISM)

• GIAC Security Operations Manager (GSOM)

• Certified Information Systems Security Professional (CISSP)

• Certified Incident Handler (GCIH