Note: Automotive domain experience is mandatory.
Job Title: SOC Manager
Role Overview:
As a SOC Manager, you will lead the Security Operations Center, setting goals and priorities to enhance security operations. Your primary focus will be on improving incident response times, minimizing false positives, and strengthening threat detection capabilities. You will analyze security incidents to identify vulnerabilities and establish robust incident response procedures. Additionally, you will collaborate with key stakeholders to ensure the organization maintains a strong security posture.
Key Responsibilities:
Oversee and enhance SOC service and process improvements, including auditing incidents, identifying new use cases, and driving automation efforts.
Act as the primary point of contact (POC) for the SOC engineering team, threat intelligence analysts, and threat exposure management.
Provide escalation support for Level-2 SOC analysts, offering guidance on incident resolution and containment strategies.
Lead incident coordination efforts, ensuring clear communication and effective resolution strategies.
Mentor security analysts on risk management, security controls, SIEM monitoring, incident analysis, and incident response techniques.
Document security incidents from initial detection to final resolution.
Develop and refine threat management strategies, threat modelling, and use cases for security monitoring.
Advise on security investments and strategies to align with the company's objectives.
Create reports, dashboards, and metrics for SOC operations and present them to senior management.
Act as a focal point for security-related investigations, preparing reports and recommending follow-up actions.
Serve as the Incident Manager during security incidents and emergencies.
Ensure business continuity plans and security control room procedures are always up to date.
Collaborate with IT teams to address escalations, performance issues, and system outages.
Act as the primary liaison for security incidents, engaging with internal stakeholders, vendors, clients, and regulatory bodies.
Keep the CISO and Head of Security Operations informed of SOC activities and critical security events.
Required Skills & Experience:
Expertise in Authentication, Endpoint Security, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), and Identity & Access Management (IAM).
Strong understanding of advanced SOC technologies, including Endpoint Detection & Response (EDR) and Security Orchestration, Automation, and Response (SOAR).
Proficiency in SIEM platforms such as Google Chronicle, Splunk ES, or QRadar.
Familiarity with industry security policies, standards, and best practices.
Extensive experience in security operations, incident management, intrusion analysis, and security device configuration (e.g., firewalls, IDS).
Hands-on experience in log source integration, correlation rule development, and parser writing.
Knowledge of SOC automation, cloud security operations (e.g., AWS), and regulatory compliance.
Strong leadership and communication skills, with the ability to manage incident response processes and collaborate effectively across teams.
Excellent presentation skills, with the ability to convey analytical data to diverse audiences, including executives.
Ability to perform under pressure and work efficiently with various levels of management.
05 Feb 2025
Leamington Spa, Warwickshire
Full time
Information Technology, Telecommunications