SOC Manager

Fidelity National Financial•Jacksonville, FL

10h

About The Position

The Security Operations Center (SOC) Manager is responsible for leading and maturing a 24x7 enterprise SOC supporting a global Fortune 500 organization. This role oversees a geographically dispersed team of security analysts responsible for threat detection & response. The SOC Manager provides strategic and operational leadership, ensuring rapid detection and response to cyber threats while continuously improving people, process, and technology. This role partners closely with other teams in the information security organization as well as with IT, risk management, legal, privacy, and business leaders to protect the organization from evolving cyber risks. LOCATION Role is based in Jacksonville, Florida, with interaction across global teams and time zones Participation in major incident response activities outside standard business hours may be required Rarely, travel may be required to support team engagement or leadership meetings

Requirements

Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent practical experience
8+ years of experience in cybersecurity operations, incident response, or threat detection
3+ years of experience managing security teams or leading SOC operations
Hands‑on experience with enterprise security tools (SIEM, EDR/XDR, and threat intelligence platforms)
Strong understanding of attacker tactics, techniques, and procedures (TTPs)
Proven ability to lead teams in high‑pressure, time‑sensitive environments
Excellent communication skills with the ability to brief technical and non‑technical stakeholders

Nice To Haves

Experience operating a SOC in a large, complex, or regulated enterprise environment
Relevant certifications such as CISSP, CISM, GCED, GCIH, or equivalent
Familiarity with cloud security operations (AWS, Azure, GCP)
Experience managing globally distributed or follow‑the‑sun SOC models
Prior experience supporting executive‑level incident communications

Responsibilities

Lead, mentor, and develop a geographically distributed SOC team, including analysts across multiple shifts and regions
Drive a culture of accountability, continuous improvement, and operational excellence
Define roles, skill sets, training paths, and career development plans for SOC staff
Manage staffing models to support 24x7 operations, including managing on‑call rotations
Oversee daily SOC operations, including monitoring, triage, investigation, containment, and remediation of security incidents
Ensure consistent execution of response playbooks and standard operating procedures
Coordinate cross‑functional response efforts with DFIR, IT, legal, privacy, HR, and communications teams
Ensure effective use and continuous improvement of security tooling such as SIEM, XDR, NDR, and threat intelligence platforms
Drive enhancements to detection use cases, alert fidelity, and automation
Evaluate emerging threats and attacker techniques and translate intelligence into actionable detection strategies
Define and track SOC KPIs and metrics (e.g., MTTD, MTTR, alert quality, coverage)
Provide clear, concise reporting to executive leadership on SOC performance, risk posture, and incident trends
Ensure SOC operations align with internal policies, regulatory requirements, and industry frameworks (e.g., NIST)
Develop and execute a multi‑year SOC maturity roadmap aligned to business and risk priorities
Identify opportunities for process optimization, automation, and technology improvements
Participate in vendor evaluation, tool selection, and budget planning related to SOC capabilities
Support audits, tabletop exercises, and purple team activities