SOC Manager

Experience: 10+ years

Summary:We are seeking a highly skilled and proactive SOC Lead to manage and mature our 24x7 Security Operations Center. This role involves leading a team of 15 analysts (L1L3), supporting multiple customer environments, and driving operational excellence in threat detection, incident response, and SOC process improvement. The ideal candidate will have deep technical expertise in SIEM and EDR tools, strong leadership capabilities, and excellent communication skills.

Key Responsibilities:

Lead and manage a team of 15-20 SOC analysts (L1, L2, L3) across multiple customer environments.Act as the primary Incident Responder for critical security incidents.Conduct Root Cause Analysis (RCA) and develop Corrective and Preventive Actions (CAPA).Mentor and train junior/fresher SOC analysts to prepare them for advanced roles.Support and co-lead SIEM migration projects in collaboration with SIEM Engineers.Configure and fine-tune SIEM rules and use cases for enhanced threat detection.Integrate and troubleshoot log sources across diverse platforms and environments.Generate and present SOC KPIs and metrics to internal stakeholders and customers.Lead technical tabletop exercises with internal teams and customer stakeholders.Support SOC maturity assessments and contribute to continuous improvement initiatives.Maintain and enhance SOC documentation, playbooks, and standard operating procedures.Collaborate with threat intelligence, vulnerability management, and engineering teams.

Required Skills Experience:10+ years of experience in cybersecurity, with at least 4 years in a SOC leadership role.Proven experience managing multi-tenant or MSSP environments.

Hands-on expertise with: SIEMs: QRoC, Sumo Logic, Splunk, Palo Alto SIEMEDR

Tools: CrowdStrike, SentinelOneStrong knowledge of: SIEM rule creation and use case developmentLog source onboarding, integration, and troubleshootingIncident response lifecycle and threat detection methodologiesExcellent communication and writing skills; ability to present to customers and executives.Experience in producing and interpreting SOC metrics and dashboards.Familiarity with frameworks such as MITRE ATTCK, NIST, and SANS.

Preferred Qualifications:Bachelors degree in computer science, Information Security, or related field.Industry certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent.

Experience with scripting (Python, PowerShell) for automation and enrichment. Exposure to cloud security monitoring (AWS, Azure, GCP).

Work Environment:Require on-call availability and rotational shifts.