SOC (Security Operations Center) Manager

Job Posting External

Primary Responsibilities

• Supervise a team of SOC analysts, shift leads, and incident responders.
• Develop and maintain 24/7/365 operational schedules.
• Ensure proper shift rotations and effective handovers across time zones and teams. Monitor analyst productivity and quality of investigations.
• Conduct regular reviews and coaching sessions to develop team capabilities.
• Standardize SOC procedures with playbooks and knowledge base articles to improve response speed and accuracy.
• Ensure real-time monitoring of network and endpoint activity for anomalies.
• Lead and delegate triage of security events and assign severity levels.
• Serve as point of contact for significant incidents, guiding incident response lifecycle, including containment, eradication, recovery, and post-mortem.
• Collaborate with Information Technology (IT), Legal, Human Resources (HR), and Communications departments during security incidents and investigations.
• Work with engineering and threat intelligence teams to modify Security Information and Event Management (SIEM) use cases, correlation rules, and threat hunting hypotheses. Oversee deployment, configuration, and performance of SOC tools—SIEM, Security Orchestration, Automation, Endpoint Detection and Response (EDR), Intrusion Detection System (IDS), and threat intel platforms.
• Champion development of SOAR workflows to automate repetitive tasks and improve analyst efficiency.
• Lead proactive threat hunting campaigns based on emerging threat intel and behavior analytics.
• Align SOC objectives with organizational risk tolerance and cybersecurity strategy.
• Define yearly roadmaps and investment needs.
• Create dashboards and regular metrics showing incident volumes, response times, threat trends, and resource utilization.

Minimum Qualifications

• Bachelor’s degree in Information Technology, Cyber Security, Computer Science, or related field is required, along with 2-4 years related experience. Non-degree considered if 12+ years of related experience along with a high school diploma or GED

Preferred Qualifications

• 5 or more years’ of experience in cybersecurity with at least 4 years in a leadership role.
• Strong understanding of SIEM, EDR, IDS/IPS, SOAR, and vulnerability management platforms.
• Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM)), preferred.
• Excellent problem-solving skills.
• Good written and oral communication skills, deductive reasoning, and analytical investigative skills. 
• Good interpersonal skills to facilitate positive relations between business groups.