SOC Manager

Job Description & Requirements

We are seeking an experienced SOC Manager to lead and manage Security Operations Center (SOC) functions, ensuring effective monitoring, detection, investigation, and response to cybersecurity threats across enterprise and mission-critical environments.

The successful candidate will oversee SOC operations, manage security analysts and incident responders, drive continuous improvement initiatives, and ensure compliance with cybersecurity governance and regulatory requirements. Experience within a System Integrator (SI), MSSP, Public Sector, or Critical Information Infrastructure (CII) environment is highly preferred.

Key Responsibilities

SOC Operations & Incident Response

• Lead day-to-day SOC operations, ensuring 24x7 monitoring and incident management.
• Oversee threat detection, investigation, escalation, and response activities.
• Manage SIEM, SOAR, EDR/XDR, threat intelligence, and security monitoring platforms.
• Drive threat hunting, incident response, root cause analysis, and post-incident reviews.
• Develop and maintain SOC processes, playbooks, KPIs, SLAs, and operational reports.

Governance & Stakeholder Management

• Ensure compliance with cybersecurity policies, standards, and regulatory requirements.
• Support audits, risk assessments, and security governance initiatives.
• Collaborate with internal teams, clients, and stakeholders to strengthen cybersecurity posture.
• Provide regular reporting and recommendations to management on security risks and SOC performance.

Team Leadership

• Lead, mentor, and develop SOC Analysts, Incident Responders, and Security Engineers.
• Manage resource planning, performance management, and capability development.
• Promote operational excellence and continuous improvement across SOC functions.

Requirements

• Degree in Cyber Security, Information Security, Computer Science, Information Technology, or related disciplines.
• Proven experience managing Security Operations Center (SOC) teams and cybersecurity operations.
• Experience in SI, MSSP, Consulting, Public Sector, or CII environments preferred.
• Strong understanding of incident response, threat detection, threat hunting, and security operations.

Technical Skills

• Hands-on experience with SIEM platforms such as Splunk, QRadar, ArcSight, Microsoft Sentinel, or Elastic.
• Knowledge of SOAR, EDR/XDR, vulnerability management, and threat intelligence solutions.
• Familiarity with MITRE ATT&CK, Cyber Kill Chain, and incident response frameworks.
• Understanding of network security, cloud security, identity and access management, and security governance.
• Experience supporting government or highly secured environments is advantageous.

Preferred Certifications

• CISSP, CISM, GCIH, GCIA, GCFA, or equivalent cybersecurity certifications.
• Relevant vendor certifications in Splunk, Microsoft Security, or SIEM technologies