· Lead and manage the end-to-end functioning of the SOC team, ensuring 24x7 coverage.
· Oversee daily operations, incident response quality, and compliance with SLAs.Work closely with the SOC Manager to prepare periodic threat reports, executive dashboards, and compliance status updates.
· Develop and maintain SOC playbooks, SOPs, and reporting dashboards.
· Conduct regular review meetings, threat landscape briefings, and knowledge sharing sessions.
· Act as point of contact for critical escalations, audits, and client reporting.
· Coordinate with OEMs, security architects, and client IT teams for policy updates and improvements.
· Train and mentor L1 and L2 SOC Analysts to build internal capabilities.
· Ensure policies for endpoints, DLP, firewall rules, and SOAR playbooks are appropriately enabled and updated as per approved change management.
· Assist in root cause analysis (RCA) for incidents and recommend corrective actions.
· Document incidents, resolutions, and playbook adjustments for knowledge base updates.
Qualification & Skills:
· Bachelor’s degree in Computer Science, IT, or related field (Master’s preferred).
· 7–10 years of experience in SOC operations, including at least 2–3 years in a lead/managerial role.
· Strong expertise in EDR, SIEM, SOAR, DLP, NDR, threat intelligence, and compliance frameworks.
· Relevant certifications preferred:CISSP, CISM, CCSP, GIAC GCIA/GCIH, or other SOC Manager-specific certifications.
· Excellent leadership, communication, and stakeholder management skills.
.jpeg)
