SOC Manager

Location: Pune, Mumbai, Chennai, Coimbatore, Hyderabad, Kochi

Job Description:

We are seeking an experienced SOC Manager. The role involves a hands-on approach to daily SOC activities, strategic leadership in process enrichment, and effective communication with senior leadership. This critical role requires a balance of technical expertise, strategic thinking, and leadership skills.

Key Responsibilities:

• Oversee the day-to-day operations of the SOC team, ensuring effective response to security incidents and alerts.
• Oversee the management of our existing Managed Security Operation’s managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.
• Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.
• Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.
• Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.
• Collaborate with cross-functional teams, such as IT, Legal, and Risk Management, to ensure alignment and effective communication regarding security incidents and mitigation strategies.
• Drive the continuous improvement of SOC processes and procedures to enhance efficiency and effectiveness.
• Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats.
• Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.
• Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.
• Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.
• Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.

Qualification:

• Proven experience (12+ years) in managing a Security Operations Center (SOC).
• Any one SIEM end to end implementation is a mandatory for this role. This is not just limited to IBM QRadar, SIEM; Look for Palo Alto Cortex XSIAM implementation experience as alternate.
• In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).
• Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.
• Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
• Experience in creating and refining SIEM rules, alerts, and correlation logic.
• Experience working in a fast-paced, dynamic environment, with the ability to prioritize and manage multiple security incidents simultaneously.
• Exceptional problem-solving and decision-making abilities, with a proactive and results-driven mindset.
• Demonstrated ability in enhancing SOC processes and implementing best practices in security operations.
• Excellent leadership and team management skills, with the ability to inspire and guide teams in high-pressure situations.
• Exceptional communication skills, capable of articulating complex security issues to senior leadership and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are highly desirable.