SOC Manager (Security Operations Centre)
Location: Singapore
Employment Type: Permanent
About the Role
We are seeking an experienced SOC Manager to lead and operate a 24×7 Security Operations Centre (SOC), ensuring effective monitoring, detection, response, and reporting of cybersecurity incidents across enterprise and regulated environments.
This role is responsible for SOC operations, incident response governance, client engagement, compliance alignment, and continuous improvement of SOC maturity. You will work closely with customers, internal teams, and technology partners to deliver high-quality managed security services aligned with SLA and regulatory requirements.
Key Responsibilities
SOC Operations & Incident Management
- Lead and manage day-to-day SOC operations across L1–L3 analysts in a 24×7 environment
- Oversee security monitoring, threat detection, investigation, containment, and remediation
- Act as Incident Commander for major security incidents, coordinating with clients and stakeholders
- Ensure timely escalation, reporting, and post-incident reviews (RCA / PIR)
Team Leadership & Capability Development
- Manage, mentor, and develop SOC analysts and senior responders
- Conduct performance reviews, workforce planning, and shift scheduling
- Define and maintain SOPs, playbooks, and response workflows aligned to MITRE ATT&CK
Client Engagement & Service Delivery
- Act as primary escalation point for SOC-related client issues
- Participate in client briefings, incident updates, and service reviews
- Ensure SLA, KPI, and reporting commitments are consistently achieved
Tools, Technology & SOC Maturity
- Manage and optimise SOC technologies including SIEM, SOAR, EDR/XDR, NDR, and threat intelligence platforms
- Drive automation, use-case tuning, and false-positive reduction
- Support onboarding of new clients and integration of log sources
Governance, Risk & Compliance
- Ensure SOC operations align with regulatory and industry standards, including:
  - MAS TRM
  - CSA IM8
  - ISO/IEC 27001
  - NIST Cybersecurity Framework
  - PCI DSS (where applicable)
- Support audits, regulatory assessments, and compliance reporting
- Maintain documentation, runbooks, and audit evidence
Required Skills & Experience
Experience
- 8–12+ years in cybersecurity, with 3–5+ years in SOC leadership/management
- Experience in MSSP or managed SOC environments preferred
- Strong background in incident response, threat hunting, and SOC operations
Technical Skills
- Hands-on experience with SIEM tools (e.g., Splunk, IBM QRadar, Microsoft Sentinel)
- Experience with EDR/XDR solutions (e.g., CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne)
- Knowledge of SOAR platforms and security automation
- Strong understanding of network, endpoint, and cloud security (AWS/Azure)
Certifications (Preferred)
- CISSP / CISM / GCIA / GCIH
- ITIL Foundation
- ISO 27001 Lead Implementer / Auditor
- Cloud security certifications (AWS / Azure)
Soft Skills & Leadership Competencies
- Strong stakeholder and client management skills
- Ability to lead during high-pressure incident scenarios
- Structured, metrics-driven, and process-oriented mindset
- Proven leadership, coaching, and team development capability