SOC Manager
This position is responsible for overseeing all Security Operations Center (SOC) activities. The role leads Level 1–3 SOC analysts to ensure effective monitoring, detection, and response to security incidents. The SOC Manager defines and drives the organization's security monitoring strategy, leads incident response, integrates threat intelligence, and conducts proactive threat hunting to strengthen the overall cybersecurity posture.
As a proactive leader, the SOC Manager thrives in dynamic environments, communicates effectively with both technical teams and executives, and continuously enhances SOC processes, tools, and capabilities.
SOC Operations Management
- Plan, organize, and lead the daily operations of the Security Operations Center (SOC).
- Ensure 24/7 operational coverage and effective coordination of SOC activities.
Team Leadership & Development
- Manage, mentor, and evaluate SOC analysts (Level 1–3) to ensure performance, growth, and skill development.
- Build a high-performing team culture focused on accountability and continuous improvement.
Monitoring & Incident Response
- Oversee event monitoring, triage, and incident response.
- Ensure timely containment, eradication, and recovery from security incidents.
- Maintain proper incident documentation from detection through resolution, including lessons learned and root cause analysis.
Detection & Threat Intelligence
- Define, maintain, and optimize detection use cases across SIEM, SOAR, and NDR platforms.
- Integrate logs, data sources, and threat intelligence feeds into monitoring and response workflows.
Threat Hunting & Risk Analysis
- Lead proactive threat hunting activities to identify hidden or emerging threats.
- Conduct threat management, threat modeling, and attack surface analysis to anticipate risks.
Reporting & Communication
- Deliver regular SOC reports, dashboards, KPIs, and incident summaries to senior leadership.
- Communicate findings effectively with both technical and executive stakeholders.
Collaboration & Continuous Improvement
- Foster collaboration with IT, risk, compliance, and external partners to strengthen the security ecosystem.
- Stay ahead of emerging attack techniques, vulnerabilities, and industry best practices to enhance SOC capabilities.
Staff Management & Internal Processes
- Approve workforce plans, productivity, and staff utilization to ensure optimum staffing levels across the department; propose initiatives for improvement.
- Manage staff hiring, termination, and HR personnel requests as per the organizational matrix.
- Approve attendance records and ensure compliance with company policies.
- Coach and train staff on new technologies and processes, driving continuous improvement.
- Monitor and review daily, weekly, monthly, and annual reports in line with department guidelines.
- Ensure high-quality internal administration, proper filing, and traceability of all documents for operational efficiency.
- Lead and guide staff in automating workflows and improving process efficiency.
- Lead continuous improvement initiatives by reviewing and optimizing operational process flows.
- Oversee learning and development initiatives within the operation.
- Oversee performance results against SLAs and propose improvement plans as needed.