Supervise the real-time monitoring and analysis of security incidents to identify and address threats effectively.
Employ advanced security tools and technologies, including SIEM, SOAR, TIP, and EDR, to improve incident detection and response.
Facilitate collaboration with internal and external stakeholders to address and resolve security incidents swiftly.
Develop and update incident response policies and procedures to enhance operational efficiency.
Leadership and Team developement
Lead and mentor a team of security analysts and incident responders, promoting a high- performance culture and providing ongoing support and development.
Formulate and execute strategies, policies, and procedures to optimize SOC and IR operations.
Encourage a collaborative, innovative, and learning-oriented environment within the team.
Should be good at defining documenting technical architecture and Standard Operating procedures SOPs.
Develop and oversee the knowledge base, ensuring it remains current and accurate
Stay informed on emerging cybersecurity threats, vulnerabilities, and industry trends to integrate relevant threat intelligence into SOC operations.
Utilize threat intelligence platforms to proactively identify and address new threats and vulnerabilities.
Analyse security events using advanced tools and techniques and keep abreast of new cybersecurity technologies to evaluate their potential benefits for the organization.
Ensure adherence to regulatory, industry, and customer standards related to cybersecurity and incident management.
Prepare detailed reports and presentations for senior management, outlining the security landscape, incident statuses, and remediation progress.
Conduct regular service and business reviews to assess performance and provide insights on potential service enhancements.
Develop and implement global SOC and IR strategies and processes that align with organizational needs.
Manage the global SOC and IR team, ensuring effective delivery and support of security services across different regions.
Build and maintain relationships with internal stakeholders and external partners, translating their needs into actionable SOC and IR initiatives.
Monitor and assess SOC and IR processes and systems for opportunities to enhance efficiency and effectiveness.
Ensure all SOC and IR activities meet industry best practices and comply with legal and regulatory requirements.
Qualifications:
Bachelor s or master s degree in computer science, Cybersecurity, or a related field.
12+ years of experience in security operations and incident response, with a focus on managing multiple delivery centers in different geographies.
5+ years of experience in a leadership role, managing SOC teams and programs globally.
Experience working with or managing MSSP (Managed Security Service Provider) environments, including understanding their operational models
Proven experience in developing and implementing SOC and IR strategies and processes.
Strong knowledge of SOC and IR tools and technologies, such as SIEM, EDR, and incident response playbooks.
Experience with incident response, including triage, containment, investigation, and recovery.
Knowledge of cyber threats and attack techniques, as well as relevant legal and regulatory frameworks.
Excellent communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
Strong analytical and problem-solving skills, with the ability to identify and resolve complex technical issues.
Should have good understanding of ITIL process.
Certification:
Certified Information Security Manager (CISM)
GIAC Security Operations Manager (GSOM)
Certified Information Systems Security Professional (CISSP)
Certified Incident Handler (GCIH)

SR . SOC Manager

Job Description

Required Skills