This position is only for a 1-year assignment
Role Purpose
The SOC (Security Operations Center) Manager is responsible to lead our SOC team in safeguarding the organization’s digital assets. The SOC Manager will be responsible for overseeing all aspects of SOC operations, including threat monitoring, incident response, threat intelligence, and continuous improvement of SOC processes. This role requires a strategic leader with a deep understanding of cybersecurity principles, a strong technical background, and proven experience in managing SOC teams.
Key Accountabilities
Leadership & Team Management:
- Lead and mentor a team of SOC analysts and engineers, fostering a culture of continuous improvement and professional development.
- Develop and implement strategies to enhance SOC performance and efficiency.
- Ensure the SOC operates 24/7, with appropriate staffing levels and on-call rotations.
Operational Management:
- Oversee the daily operations of the SOC, ensuring timely detection, analysis, and response to security incidents.
- Establish and maintain standard operating procedures (SOPs) for SOC operations.
- Manage and optimize the use of SOC tools and technologies, including SIEM, IDS/IPS, EDR, and threat intelligence platforms.
- Ensure the SOC is compliant with relevant industry standards and regulatory requirements.
Incident Response & Threat Management:
- Lead the incident response process, including investigation, containment, eradication, and recovery efforts.
- Develop and maintain an incident response plan, ensuring readiness for various types of security incidents.
- Collaborate with other teams, such as IT, Legal, and Compliance, to coordinate incident response efforts.
- Continuously monitor and analyze threat intelligence to identify emerging threats and adjust SOC operations accordingly.
Strategy & Continuous Improvement:
- Develop and implement a long-term strategy for the SOC, aligned with the organization’s security goals.
- Conduct regular assessments of SOC performance, identifying areas for improvement and implementing corrective actions.
- Stay current with industry trends and best practices in cybersecurity and SOC management.
- Lead efforts to automate and optimize SOC workflows and processes to improve efficiency and effectiveness.
Communication & Reporting:
- Provide regular updates to senior leadership on SOC performance, security incidents, and emerging threats.
- Prepare and present detailed reports and metrics on SOC operations and incident response activities.
- Act as a point of contact for external auditors, partners, and regulatory bodies regarding SOC operations.
Requirements:
- Bachelor’s degree in Information Security, Computer Science, or a related field. Master’s degree preferred.
- Minimum of 8-10 years of experience in cybersecurity, with at least 5 years in a SOC management or leadership role.
- Proven experience in managing a 24/7 SOC, including incident response, threat intelligence, and SOC operations.
- Strong technical background, with hands-on experience in security technologies such as SIEM, IDS/IPS, EDR, firewalls, and threat intelligence platforms.
- Experience in developing and implementing SOC strategies, processes, and technologies.
- Strong understanding of information security principles, technologies, and best practices.
- Experience with SOC, SIEM technologies, threat intel, threat analysis, and vulnerability management.
- Knowledge of NIST, ISO and other regulatory standards for information security
- Knowledge of regulatory requirements and compliance frameworks.
- Excellent leadership, communication, and interpersonal skills.
- Ability to work effectively with cross-functional teams and manage multiple projects simultaneously.
- Strong analytical and problem-solving abilities.