SOC Manager
SOC Manager
Job Purpose
- The SOC Manager is responsible for leading and managing the day-to-day operations of the SOC team, this includes overseeing incident detection, analysis, and response activities, managing security tools/systems, and ensuring effective communication between the SOC team and other parts of the organization. The SOC Manager will be tasked with developing and implementing security monitoring strategies, handling escalated incidents, and maintaining a proactive security posture.
- The SOC Manager is a highly experienced security professional with leadership skills, an in-depth understanding of security technologies, and the ability to manage both people and processes to protect the organization’s information assets.
- Overseeing a team of security analysts and engineers. The role involves ensuring effective monitoring, detection, and response to security incidents while continuously enhancing SOC processes, tools, and capabilities. The SOC Manager also integrates log sources and threat intelligence into daily operations and ensures compliance with security regulations, providing regular performance reports to senior management.
- Review and build new/modify operational processes and procedures.
- Providing related evidence for internal and external auditors.
Technical skills / Competencies
- Bachelor’s degree in Computer Science, Information Security.
- Industry certifications such as CISSP, CISM, GIAC, CEH, or similar.
- Must have 5+ years prior experience in a SOC or Incident Response role, with at least 2 years in a leadership position.
- Experience in Operating Systems: Windows Enterprise Servers, AIX, UNIX, Linux, Windows Security servers & clients.
- Must have extensive experience in multiple security areas such as SIEM, Intrusion, EDR, WAF, Web Proxy, Mail Gateway, PGP, VA, DLP, Network Security tools, Active Directory and Virtualization.
- Relevant technology vendor certifications (Cisco, Symantec, PaloAlto, FortiGate, IBM …etc.)
- Strong knowledge of client-server applications, multi-tier web applications, SQL & Oracle databases, Firewalls, VPNs, Anti-Malware products, 2FA & OTP.
- Strong understanding of common attack vectors, threat actors and the cybersecurity kill chain.
- Must have extensive experience in Digital Forensics, Malware Analysis and Reverse Engineering.