Senior Manager, SOC Operations

About The Position

Requirements

• Minimum 10 years of progressive experience managing a SOC (or equivalent leadership role) in a high-volume environment handling thousands of alerts per day.
• Knowledge of SOC tools and technologies, including SIEM (e.g., Splunk, ELK, Sentinel), EDR/XDR (e.g., CrowdStrike, Sentinel One, Microsoft Defender), SOAR, and threat intelligence platforms.
• Hands-on experience with large-scale endpoint management and multi-tenant architectures.
• Proven track record leading and developing high-performing analyst teams in 24/7 operations.
• Strong analytical, problem-solving, and communication skills.
• Ability to lead from the front and inspire your team to follow you into battle.
• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
• Background in proactive threat hunting, detection engineering, or incident response at scale.

Nice To Haves

• Demonstrated experience working in or with Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs), or managed multi-client/multi-tenant environments is strongly preferred.
• Preferred certifications include CISSP, CISM, GIAC (e.g., GCIA, GCIH), or equivalent.

Responsibilities

• Oversee day-to-day operations of a multilocation, global 24/7 SOC, monitoring ~3 million endpoints, including post AI investigation human response, incident response, escalation processes, and performance metrics/KPIs across shifts and global teams.
• Recruit, mentor, and train SOC analysts and team leads, develop career progression paths, conduct regular skills assessments, and deliver ongoing training on tools and best practices.
• Identify and implement automation opportunities (e.g., via scripting, SOAR platforms, or custom playbooks) to reduce manual workload, improve efficiency, and minimize response times.
• Actively assist with and lead threat hunting initiatives; collaborate with analysts to hunt for advanced persistent threats, refine and optimize detection rules and alerting and continuously tune customer environments.
• Evaluate and recommend enhancements to SOC tools, technologies, processes, and workflows; drive initiatives to mature the SOC and adapt to emerging threats.
• Serve as a key point of contact for customer escalations; deliver incident reports, threat briefings, and service reviews; ensure a premium customer experience through proactive communication and alignment with metrics in a multi-client environment.
• Manage shift coverage, compliance reporting, and cross-functional collaboration with engineering, threat intelligence, and security success teams.