hirist

Job Description

Role Overview :

The SOC Manager is responsible for leading and managing day-to-day Security Operations Center activities, ensuring effective security monitoring, timely incident response, and continuous improvement of SOC processes, people, and technology. The role focuses on operational excellence, governance, and stakeholder communication.

Key Responsibilities :

AI-Driven SOC Operations & Automation (primary focus) :

- Lead the implementation and governance of AI-driven SOC capabilities to enhance detection accuracy, response speed, and operational efficiency

- Oversee AI-based alert triage and prioritization, leveraging risk scoring, asset criticality, user behavior analytics (UEBA), and threat intelligence correlation to reduce alert fatigue

- Drive intelligent alert noise reduction by enabling machine-learning-based suppression, clustering, and deduplication of repetitive or low-risk alerts

- Ensure automated contextual enrichment of alerts using AI to correlate data from SIEM, EDR, IAM, vulnerability management, threat intelligence, and asset inventories

- Supervise AI-assisted threat investigation, including behavioral analytics, anomaly detection, lateral movement identification, and pattern-of-life deviation analysis

- Leverage AI to summarize incidents and investigations, enabling faster analyst decision-making and improved reporting quality

- Integrate AI-powered SOAR workflows to enable automated containment and response actions such as account disablement, endpoint isolation, IP blocking, and ticket creation
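The triage pipeline described in the bullets above (enrichment from asset inventory, threat intelligence and UEBA; risk scoring; deduplication of repeats; a suppress/investigate/escalate decision that a SOAR playbook would act on) as a small worked example. This is an added illustration, not code from the posting or from any vendor product: the asset tiers, indicator list, UEBA baseline, score weights, thresholds and the six sample alerts are all constructed here, and the "clustering" is exact-key deduplication within a time window rather than a learned model.

```python
"""Risk-scored alert triage with enrichment and time-window deduplication.

Added example with constructed data; weights and thresholds are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed reference data standing in for asset inventory, TI feed and UEBA baseline
ASSET_TIER = {"dc01": 1, "pay-db01": 1, "web-03": 2, "lab-vm7": 4}  # 1 = most critical
TI_BAD_IPS = {"203.0.113.45"}
UEBA_BASELINE = {"alice": {"web-03"}, "svc-backup": {"pay-db01", "dc01"}}

# Assumed scoring model: severity base plus context bonuses, capped at 100
SEVERITY_SCORE = {"low": 10, "medium": 30, "high": 55, "critical": 75}
TIER_BONUS = {1: 20, 2: 10, 3: 5, 4: 0}
TI_BONUS, UEBA_BONUS = 25, 20
ESCALATE_AT, INVESTIGATE_AT = 70, 30
DEDUP_WINDOW = timedelta(minutes=15)

# Constructed sample alerts in the shape a SIEM might emit
SAMPLE_ALERTS = [
    {"id": "A1", "ts": "2024-05-01T09:00:00", "rule": "failed_logon_burst", "host": "web-03",
     "user": "alice", "src_ip": "198.51.100.7", "severity": "low"},
    {"id": "A2", "ts": "2024-05-01T09:00:30", "rule": "failed_logon_burst", "host": "web-03",
     "user": "alice", "src_ip": "198.51.100.7", "severity": "low"},
    {"id": "A3", "ts": "2024-05-01T09:01:10", "rule": "failed_logon_burst", "host": "web-03",
     "user": "alice", "src_ip": "198.51.100.7", "severity": "low"},
    {"id": "A4", "ts": "2024-05-01T09:05:00", "rule": "new_admin_logon", "host": "dc01",
     "user": "alice", "src_ip": "203.0.113.45", "severity": "medium"},
    {"id": "A5", "ts": "2024-05-01T09:07:00", "rule": "av_heuristic", "host": "lab-vm7",
     "user": "bob", "src_ip": "10.0.0.5", "severity": "medium"},
    {"id": "A6", "ts": "2024-05-01T09:30:00", "rule": "failed_logon_burst", "host": "web-03",
     "user": "alice", "src_ip": "198.51.100.7", "severity": "low"},
]


def _ts(s):
    return datetime.fromisoformat(s)


def enrich(alert):
    """Attach asset criticality, TI match and UEBA deviation to one alert."""
    host, user = alert["host"], alert["user"]
    baseline = UEBA_BASELINE.get(user)
    return {
        **alert,
        "asset_tier": ASSET_TIER.get(host, 3),  # unknown hosts default to tier 3
        "ti_hit": alert["src_ip"] in TI_BAD_IPS,
        # Only flag a deviation when a baseline exists for the user
        "ueba_anomaly": baseline is not None and host not in baseline,
    }


def risk_score(enriched):
    """Severity base plus context bonuses, capped at 100."""
    s = SEVERITY_SCORE[enriched["severity"]] + TIER_BONUS[enriched["asset_tier"]]
    if enriched["ti_hit"]:
        s += TI_BONUS
    if enriched["ueba_anomaly"]:
        s += UEBA_BONUS
    return min(100, s)


def cluster(alerts, window=DEDUP_WINDOW):
    """Collapse repeats of the same (rule, host, user, src_ip) seen within `window`."""
    by_key = defaultdict(list)
    for a in alerts:
        by_key[(a["rule"], a["host"], a["user"], a["src_ip"])].append(a)
    clusters = []
    for key, items in by_key.items():
        items.sort(key=lambda a: _ts(a["ts"]))
        current = None
        for a in items:
            t = _ts(a["ts"])
            # A gap longer than the window starts a fresh cluster for the same key
            if current is None or t - current["last_seen"] > window:
                current = {"key": key, "members": [], "first_seen": t, "last_seen": t}
                clusters.append(current)
            current["members"].append(a)
            current["last_seen"] = t
    return clusters


def triage(alerts):
    """Enrich, deduplicate and score alerts; return clusters with a disposition."""
    rows = []
    for c in cluster([enrich(a) for a in alerts]):
        score = max(risk_score(m) for m in c["members"])
        disposition = ("escalate" if score >= ESCALATE_AT
                       else "investigate" if score >= INVESTIGATE_AT
                       else "suppress")
        rule, host, user, src_ip = c["key"]
        rows.append({"rule": rule, "host": host, "user": user, "src_ip": src_ip,
                     "count": len(c["members"]), "score": score,
                     "disposition": disposition,
                     "ids": [m["id"] for m in c["members"]]})
    return sorted(rows, key=lambda r: (-r["score"], r["ids"][0]))


if __name__ == "__main__":
    for row in triage(SAMPLE_ALERTS):
        print(f'{row["disposition"]:12} score={row["score"]:3} x{row["count"]} '
              f'{row["rule"]} {row["user"]}@{row["host"]} from {row["src_ip"]} {row["ids"]}')
```

Run as-is, the three identical low-severity logon-burst alerts collapse into one suppressed row, the later repeat outside the 15-minute window becomes its own row, the admin logon on the domain controller from a TI-listed address by a user with no history on that host scores 95 and is escalated, and the heuristic AV hit on a low-tier lab VM lands in the investigate band. The point for a SOC manager is that each score is explainable from the enrichment fields, which is what makes automated containment on the "escalate" band defensible; a model whose suppressions cannot be explained this way is the kind of noise reduction that hides the one alert that mattered.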

SOC Operations & Leadership :

- Manage SOC operations across L1, L2, and L3 teams with 24x7 monitoring coverage

- Define SOC processes, escalation paths, and shift operations

- Act as the final escalation point for high-severity security incidents

- Track and improve SOC KPIs such as MTTD, MTTR, alert quality, and SLA compliance

Incident Management :

- Oversee the complete incident management lifecycle from detection to closure

- Ensure timely containment, remediation, and recovery of security incidents

- Coordinate with IT, cloud, application, and management teams during incidents

- Review incident reports, root cause analysis, and corrective actions

Process, Policy & Compliance :

- Establish and maintain SOC SOPs, runbooks, and playbooks

- Ensure SOC operations align with security standards and regulatory requirements

- Support internal and external audits with required evidence and reporting

- Ensure proper documentation and reporting of security events

Stakeholder & Client Management :

- Communicate security incidents and risks to management and stakeholders

- Review and approve SOC reports and dashboards

- Act as a primary point of contact for SOC-related discussions

Team Development :

- Mentor and guide SOC analysts and leads

- Support training, skill development, and performance evaluations

- Drive continuous improvement and SOC maturity initiatives

Required Skills & Experience :

- Strong experience in SOC operations and incident response

- Hands-on understanding of SIEM and security monitoring tools

- Experience managing security incidents and crisis situations

- Strong leadership, communication, and decision-making skills

Experience : 10-12 Years

Preferred Qualifications :

- Bachelor's degree in IT, Cybersecurity, or related field

- Certifications such as CISSP, CISM, GCIH, or SIEM-specific certifications
