SOC Manager

We are seeking an experienced SOC Manager to lead a multi-tenant MSSP Security Operations Centre while also overseeing monitoring for internal corporate environments. This role is responsible for SOC operations, incident response, service delivery, tooling strategy, team leadership, and continuous improvement across diverse customer environments.

The successful candidate will combine strong technical security expertise with operational leadership, customer-facing communication skills, and the ability to manage high-performing SOC teams in a 24/7 environment.

Key Responsibilities

• Lead the daily operations of a 24/7 MSSP SOC covering multi-tenant customer environments and internal security monitoring.
• Oversee incident triage, escalation, response coordination, post-incident reviews, and customer communications during major security incidents.
• Define and manage SOC operating models, workflows, escalation paths, service offerings, KPIs, SLAs, and quality metrics, including MTTD and MTTR.
• Manage, mentor, and develop SOC analysts, engineers, and shift leads, ensuring effective resource planning, shift coverage, and team performance.
• Own the SOC technology strategy and roadmap across SIEM, SOAR, EDR, XDR, threat intelligence, automation, case management, and reporting platforms.
• Drive detection engineering, threat hunting, threat intelligence integration, playbook development, automation, and continuous process improvement.
• Work with sales, pre-sales, customer success, and customers to define SOC requirements, support service design, and ensure successful customer onboarding.
• Manage vendors, licensing, budgets, tooling evaluations, platform optimisation, and technology investments.
• Report to senior leadership on SOC performance, security posture, incident trends, operational risks, and improvement initiatives.
• Support compliance with relevant regulatory and industry standards, including MAS TRM, PDPA, SOC 2, MTCS, and IMDA guidelines, where applicable.

Requirements:

SOC Leadership

Proven experience managing SOC operations, preferably within an MSSP or multi-customer managed services environment.

Team Management

Experience hiring, coaching, mentoring, and managing 24/7 SOC analysts, engineers, or shift teams.

Incident Response

Strong experience leading major incident response, escalation management, customer communications, and post-incident reviews.

Security Platforms

Hands-on knowledge of SIEM and security platforms such as Splunk, IBM QRadar, Microsoft Sentinel, Google SecOps, EDR, XDR, and SOAR tools.

Cloud and Infrastructure Security

Strong understanding of cloud security monitoring across AWS, Azure, and/or GCP, as well as network architecture, Windows, and Linux environments.

Detection and Threat Operations

Experience in detection engineering, threat modelling, threat hunting, threat intelligence, vulnerability management, and playbook development.

Operational Excellence

Ability to define KPIs, SLAs, workflows, automation opportunities, service quality metrics, and continuous improvement plans.

Stakeholder Communication

Strong ability to translate technical incidents and security risks into clear business impact for customers, executives, and cross-functional teams.

Commercial and Governance Awareness

Experience with vendor management, budgeting, licensing, compliance requirements, and regulated customer environments.

Preferred Experience

Experience leading multiple SOC teams across multiple customer deployments is highly preferred. Candidates with prior MSSP experience, customer-facing security operations experience, and familiarity with Singapore regulatory expectations will be especially relevant.

What Success Looks Like

Success in this role means delivering a scalable, reliable, and continuously improving SOC service that meets customer expectations, strengthens detection and response capabilities, improves operational efficiency, and supports the organisation's broader security and business objectives.