Orion Innovation

Job Description :

We are seeking an experienced SOC Manager to lead our Managed Security Operations team. The ideal candidate will have extensive experience in managing SOC teams within a Managed Security Operations function, particularly with a focus on Managed Detection and Response (MDR) and Managed SIEM.

The role involves a hands-on approach to daily SOC activities, strategic leadership in process enrichment, and effective communication with senior leadership. This critical role requires a balance of technical expertise, strategic thinking, and leadership skills and must have a proven track record in leading high-performing SOC teams.

Key Responsibilities :

- Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity.

- Oversee the day-to-day operations of the SOC team, ensuring effective response to security incidents and alerts.

- Oversee the management of our existing Managed Security Operation's managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.

- Lead the management and enhancement of MDR and Managed SIEM services, preferably expertise in IBM QRadar.

- Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.

- Provide guidance and support to the SOC team in the ingestion and analysis of logs from various systems and applications into the SIEM platform.

- Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.

- Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.

- Collaborate with cross-functional teams, such as IT, Legal, and Risk Management, to ensure alignment and effective communication regarding security incidents and mitigation strategies.

- Drive the continuous improvement of SOC processes and procedures to enhance efficiency and effectiveness.

- Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats.

- Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.

- Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.

- Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.

- Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.

Qualification :

- Proven experience (10+ years) in managing a Security Operations Center (SOC) or a similar cybersecurity leadership role.

- Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).

- Proven expertise in MDR and Managed SIEM, with a strong preference for experience with IBM QRadar.

- In-depth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).

- Strong networking concepts, including an in-depth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.

- Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.

- Experience in creating and refining SIEM rules, alerts, and correlation logic.

- Experience working in a fast-paced, dynamic environment, with the ability to prioritize and manage multiple security incidents simultaneously.

- Exceptional problem-solving and decision-making abilities, with a proactive and results-driven mindset.

- Demonstrated ability in enhancing SOC processes and implementing best practices in security operations.

- Excellent leadership and team management skills, with the ability to inspire and guide teams in high-pressure situations.

- Exceptional communication skills, capable of articulating complex security issues to senior leadership and non-technical stakeholders.

- Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are highly desirable.