Security Operations Center Manager
About The Position
The Security Operations Center (SOC) Manager is responsible for leading and maturing the organization’s cybersecurity monitoring and incident response capabilities. This role oversees 24/7 security operations, ensures effective detection and response to cyber threats, and drives continuous improvement of security tooling, processes, and analyst performance. The SOC Manager will lead a team of security analysts and engineers (Tier 1–3), coordinate incident response activities, and partner cross-functionally with Infrastructure, Risk, Compliance, and Executive Leadership to protect enterprise systems, data, and operations. This role provides these services across all contracted and operational markets.
Requirements
- Strong understanding of threat detection, log analysis, and network security principles.
- Strong interpersonal and communication skills, with the ability to work effectively in a team environment.
- Detail-oriented and highly organized, with the ability to manage multiple projects simultaneously.
- Familiarity with industry standards, regulations, and best practices.
- Willingness to learn and adapt to new technologies and methodologies.
Nice To Haves
- CISSP (preferred)
- CISM (preferred)
- CEH (required)
- Security+ (required)
Responsibilities
- Lead the daily operations of the Security Operations Center, including oversight of 24/7 monitoring, triage, and escalation procedures.
- Develop and manage SOC staffing models, shift schedules, and on-call rotations to ensure continuous coverage.
- Establish, maintain, and continuously improve SOC policies, procedures, playbooks, and escalation matrices.
- Define, monitor, and report on SOC performance metrics including Mean Time to Detect (MTTD), Mean Time to Respond (MTTR), alert fidelity, and analyst productivity.
- Oversee investigation and response to security incidents including malware, phishing, ransomware, insider threats, and advanced persistent threats.
- Serve as Incident Commander during high-severity security events, ensuring coordinated response and executive communication.
- Ensure accurate documentation, root cause analysis, and post-incident reporting for all security events.
- Lead cyber readiness exercises and tabletop simulations to improve organizational preparedness.
- Manage and optimize security monitoring technologies including SIEM, SOAR, EDR/XDR, IDS/IPS, and threat intelligence platforms.
- Ensure appropriate logging ingestion, correlation rule tuning, and continuous enhancement of detection capabilities.
- Drive automation initiatives to improve response efficiency and reduce manual analyst workload.
- Partner with IT and infrastructure teams to prioritize vulnerability remediation based on risk, exploitability, and business impact.
- Align SOC operations with applicable regulatory and cybersecurity frameworks such as NIST CSF, ISO 27001, and industry-specific requirements.
- Hire, mentor, and develop SOC personnel, establishing career progression paths and conducting performance evaluations.
- Provide regular reporting to senior leadership on threat trends, risk posture, and security operations effectiveness.
- Translate technical findings into clear business risk language for executive and board-level audiences.
- Support internal and external audits, regulatory inquiries, and compliance reporting requirements.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
