SOC Operations Manager

Key Responsibilities

Team Management & Leadership

• Manage and mentor a team of Level 1 and Level 2 SOC analysts.
• Conduct regular team reviews, performance evaluations, and skill development plans.
• Foster a culture of continuous learning, collaboration, and accountability.

SOC Operations Oversight

• Oversee 24/7 SOC operations, ensuring adherence to SLAs and KPIs.
• Monitor escalation workflows for alerts, incidents, and investigations.
• Ensure proper case documentation, knowledge base updates, and handover processes.

Incident Response & Analysis

• Supervise triage, analysis, containment, and resolution of security incidents.
• Provide guidance on complex threat investigations and escalations.
• Coordinate with clients during major incidents and post-incident reviews.

Process & Compliance

• Drive process improvements in alert management, reporting, and escalation procedures.
• Ensure SOC operations comply with regulatory standards (ISO 27001, GDPR, etc.).
• Maintain and enhance SOC runbooks and standard operating procedures (SOPs).

Client & Stakeholder Management

• Act as the point of contact for client escalations related to SOC operations.
• Deliver periodic SOC reports, dashboards, and incident summaries.
• Support client onboarding, service reviews, and audit requirements.

Required Skills & Qualifications

• Experience: 25 years in Security Operations, with at least 1–2 years in a supervisory or lead role.
• Technical Knowledge: Strong understanding of SIEM platforms (e.g., Splunk, QRadar, ArcSight, LogRhythm).
• Familiarity with EDR, SOAR, threat intelligence, IDS/IPS, firewalls, and cloud security tools.
• Incident response methodology and threat detection frameworks (MITRE ATT&CK, Cyber Kill Chain).
• Leadership Skills: Ability to manage, mentor, and motivate a young SOC team.
• Communication: Strong written and verbal skills for interacting with clients and stakeholders.
• Certifications (preferred): CEH, CompTIA Security+, CySA+, SSCP, or SOC Analyst certifications.

Key Attributes

• Strong problem-solving and decision-making abilities.
• Ability to perform under pressure in a 24/7 SOC environment.
• Detail-oriented with a focus on process improvement and operational excellence.
• Team-first mindset with passion for developing cybersecurity talent.