Security Operations Manager

SOC Manager

About the Role:

We are seeking an experienced and driven SOC Manager to lead and grow our Security Operations in a dynamic and fast-paced environment.

This role is responsible for managing day-to-day operations within our Cyber Fusion Center, including real-time threat detection, incident response, team development, and detection quality. The SOC Manager serves as a key liaison between analysts, engineering teams, and executive stakeholders — ensuring security excellence across both cloud and on-premise environments

Responsibilities:

· Oversee end-to-end operations of the Cyber Fusion Center, including 24/7 monitoring, triage, response, and escalation across hybrid environments.

· Lead and manage a team of cybersecurity analysts, driving performance, professional growth, and capability development.

· Manage the full lifecycle of security incidents, including investigation, containment, communication, and lessons learned.

· Continuously refine and improve detection rules, investigation playbooks, and threat hunting practices, aligning with frameworks like MITRE ATT&CK.

· Collaborate with IT, engineering, DevOps, risk, and compliance teams to ensure alignment between operational activities and business objectives.

· Deliver regular metrics, dashboards, and incident trend analysis to executive stakeholders.

· Maintain and evolve the security tooling stack, including SIEM, SOAR, EDR, and threat intelligence platforms.

· Support automation and workflow orchestration initiatives using scripting or API integrations.

· Ensure readiness and participation in a 24/7 response model when needed.

· Drive analyst training and development, maintaining a high-performing team culture.

· Stay ahead of evolving threats and ensure the team is equipped to respond effectively

Candidate requirements:

· Minimum 5-8 years of experience in security operations, with at least 2 years in a leadership or managerial capacity.

· Proven experience leading SOC operations, incident response programs, or threat detection teams.

· Experience managing and developing a security team, including hiring, mentoring, and performance review.

· Strong understanding of SIEM, SOAR, EDR, and threat intelligence platforms.

· Familiarity with security process automation, detection rule tuning, or security content development.

· Familiarity with security frameworks (MITRE ATT&CK, NIST, ISO 27001, etc.).

· Experience with cloud security operations (AWS, Azure, GCP).

· Ability to manage high-pressure incidents, make sound decisions, and communicate clearly with technical and non-technical stakeholders.

· Excellent communication, leadership, and stakeholder management abilities.

· Experience in preparing operational reports (monthly, quarterly) and presenting findings or recommendations.

· Industry certifications such as GCIA, GCIH, GCFA, CEH, CompTIA CySA+, or equivalent.

Why Join Us:

· Shape and mature security operations practices with real ownership and executive support.

· Collaborate with cross-functional experts across technology, risk, and compliance domains.

· Access ongoing development and industry-leading tooling in a forward-thinking Security Operations environment.