ColorTokens - Security Operations Center Manager - SIEM

Job Summary : Colortokens is seeking a SOC Manager to lead our Security Operations Center (SOC), leveraging Next-Gen SIEM to detect, respond to, and mitigate security threats. The ideal candidate will have deep expertise in modern SIEM platforms, threat intelligence, and incident response while managing customers and a team of security analysts.Job Title : SOC ManagerLocation : BangaloreJob Type : Full-timeDepartment : Managed ServicesKey Responsibilities : 1. SOC Leadership & Operations : - Oversee 24/7 security monitoring, detection, and response operations.- Manage, mentor, and train a team of SOC analysts, engineers, and incident responders.- Develop and optimize SOC processes, playbooks, and runbooks for effective incident handling.- Ensure continuous threat monitoring, analysis, and escalation in accordance with SLAs.2. SIEM & Security Analytics Management : - Implement, manage, and optimize Next-Gen SIEM solutions (eg : Stellar Cyber, Cortex, Chronicle etc)- Develop advanced detection rules, correlation logic, and behavioural analytics for real-time threat detection.- Integrate SIEM with EDR, NDR, SOAR, Threat Intelligence, and Cloud Security tools.- Ensure log management, normalization, and enrichment from various sources (firewalls, endpoints, cloud, IAM, etc.3. Threat Detection, Incident Response & Forensics : - Lead security investigations, threat hunting, and forensics analysis.- Work with SOC analysts to triage and escalate security incidents (MITRE ATT&CK-based).- Oversee the incident response process and conduct post-mortem analysis for continuous improvement.- Collaborate with threat intelligence teams to enrich SIEM detections with contextual threat data.4. Compliance, Reporting & Automation : - Ensure SOC operations align with regulatory standards (ISO 27001, NIST, GDPR, SOC 2, etc.- Develop automated detection & response workflows using SOAR (Security Orchestration, Automation, and Response).- Generate SIEM dashboards, security reports, and executive summaries for stakeholders.- Conduct tabletop exercises and Red/Blue team drills to enhance security readiness.5. Customer & Stakeholder Engagement : - Act as the primary point of contact for key customers, ensuring high-quality service delivery.- Collaborate with OEMs to address cybersecurity risks.- Present threat intelligence reports, risk assessments, and incident trends to executive stakeholders.- Drive continuous improvement initiatives based on customer feedback and security landscape changes.- Customer SLA management and ensure CSAT of greater than 4.5/56.Business Support : - Work with pre-sales teams to respond to customer RFI/RFPs- Responsible for upsell and cross-sell activities- Enable/train sales teams across regions7.Required Skills & Experience : Technical Expertise : - 12-15 years of experience in SOC operations, SIEM, and cybersecurity incident response.- Hands-on expertise with Next-Gen SIEM platforms.- Proficiency in SOAR, EDR, XDR, Cloud Security (AWS/Azure/GCP), and threat intelligence tools.- Strong knowledge of MITRE ATT&CK, Cyber Kill Chain, and NIST frameworks.- Experience in log analysis, anomaly detection, and SIEM rule creation.- Scripting skills in Python, PowerShell, or Regex for automation.Leadership & Soft Skills : - Strong leadership experience in managing and mentoring SOC teams.- Excellent incident response and crisis management abilities.- Effective communication with technical and non-technical stakeholders including customers.- Ability to collaborate with IT, DevOps, and security teams to enhance security posture.Preferred Certifications : - CISSP (Certified Information Systems Security Professional)- GCIA (GIAC Certified Intrusion Analyst)- GCIH (GIAC Certified Incident Handler)- SIEM Vendor Certifications Skills : SOC Manager, SOC Process, CISSP, Pre-Sales Activities, SOC Setup Experience (ref:hirist.tech)