Job Purpose:
The SOC Manager will be responsible for overseeing the day-to-day operations of our Security Operations Center, managing a team of
skilled analysts, and ensuring the organizations security posture against cyber threats. The ideal candidate should possess a strong
background in cybersecurity, incident response, and team leadership.
Job Responsibilities:
- Administrative / Co-Ordination - Leadership and Team Management:
Lead, mentor, and manage a team of SOC analysts.
Foster a collaborative and proactive security culture within the SOC.
Conduct regular training sessions to enhance the teams technical skills and awareness.
- Administrative / Co-Ordination - Incident Response:
Develop and maintain incident response plans and procedures.
Coordinate with cross-functional teams to ensure timely and effective incident resolution.
- Administrative / Co-Ordination - Tool Management:
Evaluate, implement, and manage security tools and technologies.
Ensure that SOC tools are configured for optimal performance.
Collaborate with IT teams to integrate security tools into the overall IT infrastructure.
- Execution / Implementation - Incident Response:
Oversee the detection, analysis, and response to security incidents.
- Execution / Implementation - Monitoring and Analysis:
Implement and manage security information and event management (SIEM) tools.
Monitor network traffic, logs, and alerts for potential security incidents.
Conduct in-depth analysis of security events to identify and mitigate threats.
- Execution / Implementation - Threat Intelligence:
Stay current on the latest cybersecurity threats and vulnerabilities.
Integrate threat intelligence feeds into SOC operations for proactive defense.
Collaborate with external threat intelligence sources to enhance situational awareness.
- People Related - Leadership and Team Management:
Lead, mentor, and manage a team of SOC analysts.
Foster a collaborative and proactive security culture within the SOC.
Conduct regular training sessions to enhance the teams technical skills and awareness.
- People Related - Reporting and Communication:
Prepare and present regular reports on SOC activities, incidents, and trends.
Communicate effectively with executive leadership and other stakeholders.
Provide actionable insights and recommendations to enhance the organizations security posture.
- Strategic - Incident Response:
Develop and maintain incident response plans and procedures.
Coordinate with cross-functional teams to ensure timely and effective incident resolution.
- Strategic - Threat Intelligence:
Stay current on the latest cybersecurity threats and vulnerabilities.
Integrate threat intelligence feeds into SOC operations for proactive defense.
Collaborate with external threat intelligence sources to enhance situational awareness.
- Strategic - Reporting and Communication:
Prepare and present regular reports on SOC activities, incidents, and trends.
Communicate effectively with executive leadership and other stakeholders.
Provide actionable insights and recommendations to enhance the organizations security posture
Skills:
FUNCTIONAL - SOC Operations Management: Extensive experience in managing Security Operations Centers (SOCs), including overseeing day-to-day operations, incident response, and threat intelligence analysis.FUNCTIONAL - Strategic Planning: Ability to develop and execute strategic plans for SOC operations, aligning with organizational security goals and objectives.FUNCTIONAL - Risk Management: Proficiency in identifying, assessing, and mitigating cybersecurity risks within SOC environments, ensuring effective risk management strategies are in place.FUNCTIONAL - Process Improvement: Strong capability in identifying areas for process improvement within SOC operations and implementing enhancements to optimize efficiency and effectiveness.FUNCTIONAL - Compliance and Regulations: Thorough understanding of cybersecurity compliance frameworks and regulations, ensuring SOC operations adhere to relevant standards and guidelines.SOFT SKILLS / BEHAVIOURAL COMPETENCIES - Leadership: Demonstrated leadership skills with the ability to inspire, motivate, and lead teams effectively within the SOC environment.SOFT SKILLS / BEHAVIOURAL COMPETENCIES - Problem-Solving: Strong problem-solving abilities to address complex cybersecurity issues and incidents within SOC operations, employing analytical thinking and creative solutions.SOFT SKILLS / BEHAVIOURAL COMPETENCIES - Communication: Excellent communication skills, both verbal and written, to effectively convey information, insights, and recommendations to internal stakeholders and external customers.SOFT SKILLS / BEHAVIOURAL COMPETENCIES - Adaptability: Flexibility and adaptability to navigate through evolving cybersecurity landscapes and emerging threats, adjusting SOC operations accordingly.SOFT SKILLS / BEHAVIOURAL COMPETENCIES - Collaboration: Proven ability to collaborate effectively with cross-functional teams, external partners, and vendors to achieve SOC operational goals and objectives.TECHNICAL KNOW / HOW - Incident Response: Expertise in incident detection, analysis, and response methodologies within SOC environments, including the use of incident response tools and techniques.TECHNICAL KNOW / HOW - Threat Intelligence: In-depth knowledge of threat intelligence principles and practices, including the integration of threat intelligence feeds into SOC operations for proactive defense.TECHNICAL KNOW / HOW - Security Tools: Proficiency in utilizing and managing security tools such as SIEM (Security Information and Event Management) solutions, intrusion detection/prevention systems (IDS/IPS), and endpoint detection and response (EDR) tools.TECHNICAL KNOW / HOW - Cybersecurity Technologies: Familiarity with a wide range of cybersecurity technologies and solutions, including firewalls, antivirus software, encryption tools, and network security appliances.TECHNICAL KNOW / HOW - Network Security: Understanding of network security principles and protocols, including TCP/IP, DNS, VPN, and network segmentation, to effectively monitor and secure network environments within the SOC.
