Role: SOC Manager Microsoft Sentinel & SOC Services Location: Bangalore (Work from Office) Department: Security Practice Reporting To: Head of Security Practice Job Summary We are seeking a highly skilled and experienced SOC Manager to lead our Security Operations Center (SOC), with deep expertise in Microsoft Sentinel and Microsoft Security technologies. The ideal candidate will be responsible for managing 24x7 SOC operations, overseeing a multi-tier analyst team, and ensuring effective detection, response, and continuous improvement across all security monitoring services. This role requires strong technical leadership, operational discipline, and a forward-thinking approach to evolve the SOC using automation, threat intelligence, machine learning, and purple teaming. Key Responsibilities Lead and manage end-to-end SOC operations including Tier 1, 2, and 3 analysts, threat hunters, and incident responders. Design and optimize SIEM workflows, detection rules, hunting queries, and SOAR playbooks using Microsoft Sentinel. Ensure timely triage, investigation, containment, and response to security incidents as per SLAs. Build and maintain automation workflows using Logic Apps for Sentinel-based SOAR. Integrate and manage diverse log sources, including Defender suite, cloud workloads, identity platforms, and third-party security solutions. Drive continuous improvement through automation, ML-based detections, threat hunting, and purple teaming. Develop, review, and maintain SOC runbooks, playbooks, and use case libraries. Define and report on key metrics such as MTTD, MTTR, alert-to-incident ratio, and false positive rates. Ensure SOC alignment with regulatory and industry frameworks (NIST, ISO 27001, RBI, GDPR). Collaborate with internal and external stakeholders on incident reviews, compliance audits, and threat landscape updates. Participate in client onboarding, governance meetings, and SOC service reviews. Ability to manage distributed teams across time zones with a strong focus on collaboration, mentorship, and performance management. Required Skills and Experience 6 - 12 years of experience in cybersecurity operations, with minimum 24 years in a SOC leadership role. Proven hands-on experience managing Microsoft Sentinel in MSSP or enterprise environments. Expertise in KQL, UEBA, custom rule tuning, Sentinel analytics, and connector integrations. Knowledge of MITRE ATT&CK, threat modeling, and detection engineering. Experience with incident response lifecycle, forensic investigations, and root cause analysis. Strong knowledge of Microsoft 365 Defender stack (Defender for Endpoint, Identity, O365, Cloud Apps). Experience integrating with platforms like ServiceNow, Freshdesk and other Ticketing Systems Strong stakeholder communication, executive reporting, and client-facing experience. Preferred Certifications SC-200: Microsoft Security Operations Analyst SC-100: Microsoft Cybersecurity Architect AZ-500: Azure Security Engineer Associate
Good Communication and Bachelor's in Computer Science or equivalent. The successful candidate will work to implement, maintain, and manage multiple cloud implementations for Azure Customers. As a key member of the team, you will work closely with Cloud Engineers and Senior Cloud Engineers within team and directly with clients to ensure the availability, security, and reliability of cloud deployments. The ideal candidate will have a strong understanding of Microsoft Azure compute, storage and networking infrastructure and experience with cloud-based Linux and Windows applications on Azure. RESPONSIBILITIES Handling Microsoft Azure Virtual Machines. Deploying Azure VMs (Windows Server and Linux) in a highly available environment. Perform configuration management and disaster recovery tasks on your new environment. Microsoft Azure IaaS Monitoring and Management, manage and monitor IaaS deployments by Log Analytics and Log Search to drill down into the most important data in your IaaS systems. Using PowerShell to deploy resources and repeatable deployments with ARM templates. Work on Microsoft Azure Networking. Design virtual networks to support workloads with the highest security and performance. Explore configuring hybrid connectivity between on-premises environments and Azure, and how to monitor network performance to comply with service-level agreements. Automating Deployment and Scale of Azure IaaS Solution script, automate, and scale Azure deployments. Dive into automation technology options within Azure. Keep learning the new ways to use PowerShell and JSON templates to define and deploy services to Azure, and how to scale resources in Azure.