Security Operations Center Manager

Job description / Role

Description

This position is responsible for overseeing all Security Operations Center (SOC) activities. The role leads Level 1–3 SOC analysts to ensure effective monitoring, detection, and response to security incidents. The SOC Manager defines and drives the organization’s security monitoring strategy, leads incident response, integrates threat intelligence, and conducts proactive threat hunting to strengthen the overall cybersecurity posture.

As a proactive leader, the SOC Manager thrives in dynamic environments, communicates effectively with both technical teams and executives, and continuously enhances SOC processes, tools, and capabilities.

Job Duties

SOC Operations Management
Plan, organize, and lead the daily operations of the Security Operations Center (SOC).
Ensure 24/7 operational coverage and effective coordination of SOC activities.

Team Leadership & Development
Manage, mentor, and evaluate SOC analysts (Level 1–3) to ensure performance, growth, and skill development.
Build a high-performing team culture focused on accountability and continuous improvement.

Monitoring & Incident Response
Oversee event monitoring, triage, and incident response.
Ensure timely containment, eradication, and recovery from security incidents.
Maintain proper incident documentation from detection through resolution, including lessons learned and root cause analysis.

Detection & Threat Intelligence
Define, maintain, and optimize detection use cases across SIEM, SOAR, and NDR platforms.
Integrate logs, data sources, and threat intelligence feeds into monitoring and response workflows.

Threat Hunting & Risk Analysis
Lead proactive threat hunting activities to identify hidden or emerging threats.
Conduct threat management, threat modelling, and attack surface analysis to anticipate risks.

Reporting & Communication
Deliver regular SOC reports, dashboards, KPIs, and incident summaries to senior leadership.
Communicate findings effectively with both technical and executive stakeholders.

Collaboration & Continuous Improvement
Foster collaboration with IT, risk, compliance, and external partners to strengthen the security ecosystem.
Stay ahead of emerging attack techniques, vulnerabilities, and industry best practices to enhance SOC capabilities.

Staff Management & Internal Processes
Approve workforce plans, productivity, and staff utilization to ensure optimum staffing levels across the department; propose initiatives for improvement.
Manage staff hiring, termination, and HR personnel requests as per the organizational matrix.
Approve attendance records and ensure compliance with company policies.
Coach and train staff on new technologies and processes, driving continuous improvement.
Monitor and review daily, weekly, monthly, and annual reports in line with department guidelines.
Ensure high-quality internal administration, proper filing, and traceability of all documents for operational efficiency.
Lead and guide staff in automating workflows and improving process efficiency.
Lead continuous improvement initiatives by reviewing and optimizing operational process flows.
Oversee learning and development initiatives within the operation.
Oversee performance results against SLAs and propose improvement plans as needed.

Requirements

Bachelor's degree in computer science, computer engineering, information security, or a related STEM field.
8–10 years of experience in security operations, incident response, or threat detection.
Minimum 3 years of proven leadership experience managing SOC teams or similar security functions.

Core Competencies

• Passion and initiative
• Results orientation
• Leadership & empowerment
• Creativity & innovation
• Customer service orientation
• Positive attitude & teamwork

Managerial Competencies

• Decision making & judgement
• Resources management
• Stakeholder relations
• Project management
• Automation & adaptability to technology changes
• Continuous improvement
• Adaptability

Job Related Competencies

• Basic ISP & networking knowledge
• Risk management, security and information assurance
• Consultation and collaboration
• Process re-engineering
• Training & coaching others
• Quality control & quality assurance
• Seeking opportunities for improvements
• Software development and management