Senior SOC Manager

About The Position

Requirements

• 8+ years of experience in cybersecurity, security operations, incident response, threat detection, cyber defense, or related technical roles.
• 3+ years of experience leading SOC operations, incident response teams, cyber operations teams, or similar security functions.
• Strong understanding of SOC workflows, alert triage, escalation management, incident response, threat hunting, threat intelligence, detection engineering, and security monitoring.
• Experience overseeing or supporting security tools such as SIEM, SOAR, EDR, NDR, ticketing platforms, and case management systems.
• Demonstrated ability to lead technical teams, coordinate cross-functional response activities, manage priorities, and ensure timely delivery of operational outcomes.
• Conducts training and tabletop exercises as necessary for SOC analysts to improve on SOC protocols, operator proficiency and readiness.
• Experience developing or enforcing SOPs, playbooks, runbooks, escalation guides, metrics, reports, and quality-control processes.
• Ability to analyze operational risk, validate incident information, communicate impacts, and brief technical and non-technical stakeholders.
• Excellent written and verbal communication skills, including experience producing operational reports, executive briefings, and incident updates.

Responsibilities

• Lead and manage a 24x7x365 Security Operations Center providing technical oversight.
• Lead staff to proactively identify, prevent and respond to security incidents.
• Implementing and maintaining a comprehensive SOC program leveraging best practices and compliant with client standards and requirements.
• Continue modernization planning and road mapping
• Monitoring, managing, and responding to security events using client’s security information and event management (SEIM) system.
• Performing incident identification and assisting with security policy violations, conducting investigations, reporting/communicating infractions, eradicating/mitigating/remediating IoCs, and performing continuous monitoring.
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring.
• Evaluating Common Vulnerabilities and Exposures (CVE) for applicability as a potential internal/external attach vector, developing recommendation to eliminate vulnerability/weakness.
• Provide guidance on active Plans of Action and Milestones (POA&M).
• Monitoring system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage.
• Ensure compliance to Service Level Agreements (SLA), process adherence and process improvisation to achieve operational objectives and mitigate threats.
• Author and update/revise processes (SOP’s and runbooks) to strengthen the current operational activities; review policies and recommend changes to improve governance.
• Responsible for team management, personnel scheduling, overall use of resources and initiation of corrective action where required for SOC.
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring.
• Develop reports, dashboards, and metrics for SOC operations and presentation to leadership and clients
• Coordinate with stakeholders to build and maintain positive working relationship.

Benefits

• General Description of Benefits [https://everforthecs.com/careers/benefits]