Security Operations Center Manager

About The Position

Requirements

• Bachelor's degree (or international equivalent)
• 5+ years in Security Operations, including 3+ years leading IR/SecOps teams
• Hands-on experience with incident response, SIEM management, and threat hunting
• Strong understanding of NIST, ISO, SOC 2, MITRE ATT&CK, and zero trust principles
• Excellent communicator with experience in cross-functional coordination and executive reporting

Nice To Haves

• CISSP or equivalent certification
• Cloud security experience (AWS, Azure, GCP)
• IAM lifecycle management
• Audit and compliance experience (SOC 2, SOX, etc.)

Responsibilities

• Lead the full IR lifecycle: detection, triage (L2-L3), containment, eradication, recovery, and post-mortems
• Coordinate forensic investigations and run tabletop, blue/red/purple team exercises
• Maintain and execute documented playbooks for rapid response
• Oversee 24×7 alerting and escalation model with MSSP and internal teams
• Implement anomaly detection and access monitoring across endpoints, networks, and cloud
• Manage SIEM (Google SecOps/Chronicle) including detection engineering, log health, and tuning
• Develop repeatable SOAR playbooks and automation workflows
• Ensure robust IAM lifecycle processes and enforce least privilege principles
• Integrate anomaly detection for identity-related threats
• Incorporate threat intelligence feeds into detection and response workflows
• Conduct threat modeling exercises to anticipate and mitigate risks
• Drive automation for repetitive tasks and incident workflows
• Optimize orchestration between SIEM, EDR, and SOAR platforms
• Own the incident reporting process to Neptune's parent company
• Deliver actionable metrics on detection, response, and operational performance
• Partner with engineering to embed secure-by-design principles
• Implement zero trust segmentation and hardening based on incident learnings