
SOC Manager



8+ Years


Infopark, Koratty


Best in the Industry




Job Description

Role Purpose

The Security Operations Centre (SOC) Manager will plan, direct and control the SOC functions and operations. The role ensures the monitoring and analysis of incidents to protect people, technology and process, addresses all security incidents and ensures timely escalation. It directs the Cyber Intelligence capability to identify potential threats, delivering strategic reports and strategies that minimise the impact of those threats for our customers. The SOC Manager delivers the SOC services to our customers and provides technical advisory for the pre-sales activities of our sales team.

  • Lead and manage the Security Operations function and its team of security operational staff. Manage, mentor, and develop a global SOC team, while also acting as an escalation resource

  • Design, build, run, and own automation to detect, contain, and eradicate security threats

  • Identify and implement processes and tools to improve the automation and efficiency of monitoring, detection, and response to threats and incidents

  • Take primary responsibility for incident identification, assessment, quantification, reporting, communication, mitigation and monitoring

  • Lead the Cyber Incident Response Team (CIRT), as the Incident Commander, in responding to active and time-sensitive threats, including communications and coordination across different teams

  • Conduct human-driven, proactive, and iterative hunts through enterprise networks, endpoints, or datasets to detect malicious, suspicious, or risky activities that have evaded detection by existing tools

  • Ensure adherence to policy, process, and procedure, and drive process improvement to achieve operational objectives

  • Revise and develop processes to strengthen the current Security Operations Framework; review policies and highlight the challenges in managing SLAs

  • Ensure threat management and threat modeling, identify threat vectors, and develop use cases for security monitoring

  • Create reports, dashboards and metrics for SOC operations and present them to senior management

  • Stay current with evolving global security standards and requirements through ongoing personal and professional development

  • Conduct periodic customer, vendor and account audits

  • Support in reviewing the RFPs, RFIs & RFQs and understand the requirement and develop scope of work

  • Understand the requirements of the target customers and act as the voice of the customer internally

  • Prepare effort estimations for involved service lines


  • 8+ years of progressive experience in security and 3+ years directly managing a distributed security operations team

  • Experience in designing and deploying SOC operations using Azure Sentinel

  • Advanced certifications showcasing expertise in the security field (CISSP, CISA, CISM, etc.)

  • Ability to work either independently or collaboratively in a dynamic and fast-paced environment, with minimal direct supervision

  • Strong analytical and problem-solving skills for investigating security issues.

  • Ability to build and develop the appropriate team that delivers on key objectives and navigates the security landscape

  • Ability to build constructive relationships with diverse groups of people, including internal and external stakeholders

  • Demonstrable documentation and reporting skills.

  • Experience with Incident Response, analysis of network traffic, log analysis, ability to prioritize and differentiate between potential intrusion attempts and false alarms, managing and tracking investigations to resolution

  • Familiar with both on-premise and cloud networking concepts.

  • Prior experience with teams of 10+ FTEs in a 24x7x365 SOC with multiple shifts is strongly preferred

  • The following skillsets are preferred

    • Firewall Administration (Fortinet, Palo Alto, Checkpoint, Watchguard, etc.)

    • Familiar with scripting languages and/or automation tools (Python, PowerShell, Ruby, Ansible, Chef, etc.)

    • Vulnerability Scanning & Management – Tenable Nessus, Qualys, etc.

    • Endpoint Protection Deployment, Administration, & Troubleshooting (SentinelOne, CrowdStrike, etc.)

    • SIEM experience (IBM QRadar, Splunk, LogRhythm, AT&T USM Anywhere, etc.)


  • BS/MS degree in Computer Science, Information Technology or related technical field.

  • Technical security certification (CySA+, PenTest+, GIAC, CEH, OSCP, etc.)

  • Cloud certifications (Azure, AWS, or GCP)

  • Advanced knowledge of TCP/IP networking and network services such as DNS, SMTP, DHCP, etc.

  • Background in Cloud and Cloud-Native tools for AWS and Azure

  • Familiarity with one of the following: the NIST Incident Response Lifecycle or MITRE Adversarial Tactics, Techniques & Common Knowledge (ATT&CK)

Mail your resume to
