SOC Manager - Anywhere in India/Multiple Locations - Orion Innovation

Description

The ideal candidate will have extensive experience in managing SOC teams within a Managed Security Operations function, particularly with a focus on Managed Detection and Response (MDR) and Managed SIEM.

The role involves a hands-on approach to daily SOC activities, strategic leadership in process enrichment, and effective communication with senior leadership.

This critical role requires a balance of technical expertise, strategic thinking, and leadership skills and must have a proven track record in leading high-performing SOC teams.

• Lead and manage the Security Operations Center (SOC) team, providing direction, guidance, and support to ensure the team's effectiveness and productivity.
• Oversee the daytoday operations of the SOC team, ensuring effective response to security incidents and alerts.
• Oversee the management of our existing Managed Security Operation's managed SIEM and EDR solutions, ensuring their optimal performance and effectiveness in detecting and responding to security incidents.
• Lead the management and enhancement of MDR and Managed SIEM services, preferably expertise in IBM QRadar.
• Collaborate with the SOC analysts and engineering team to define and implement SIEM rules, alerts, and correlation logic to improve the accuracy and efficiency of threat detection.
• Provide guidance and support to the SOC team in the ingestion and analysis of logs from various systems and applications into the SIEM platform.
• Develop and implement SOC strategies, policies, and procedures to enhance the organization's security posture and incident response capabilities.
• Oversee the monitoring and analysis of security events and incidents, ensuring timely detection, investigation, and response to potential threats or vulnerabilities.
• Collaborate with crossfunctional teams, such as IT, Legal, and Risk Management, to ensure alignment and effective communication regarding security incidents and mitigation strategies.
• Drive the continuous improvement of SOC processes and procedures to enhance efficiency and effectiveness.
• Take a proactive role in utilizing Threat Intelligence and Threat Hunting activities, ensuring the SOC is ahead of potential security threats.
• Establish and maintain relationships with external partners, vendors, and industry peers to stay updated on emerging threats, best practices, and industry trends.
• Conduct regular assessments and audits of SOC processes, systems, and controls to identify areas for improvement and ensure compliance with regulatory requirements.
• Develop and deliver comprehensive reports and metrics on SOC performance, including incident trends, response times, and effectiveness.
• Stay abreast of the evolving cybersecurity landscape, emerging threats, and industry standards, providing recommendations for proactive security measures and continuous improvement of the SOC.

• Proven experience (10+ years) in managing a Security Operations Center (SOC) or a similar cybersecurity leadership role.
• Bachelor's degree in Computer Science, Information Security, or a related field (Master's degree preferred).
• Proven expertise in MDR and Managed SIEM, with a strong preference for experience with IBM QRadar.
• Indepth knowledge of security operations, incident response methodologies, and security technologies (SIEM, IDS/IPS, EDR, etc.).
• Strong networking concepts, including an indepth understanding of TCP/IP protocols, firewall configuration, network segmentation, VPNs, etc.
• Strong understanding of Threat Intelligence, Threat Hunting, Vulnerability Management, and risk assessment frameworks.
• Experience in creating and refining SIEM rules, alerts, and correlation logic.
• Experience working in a fastpaced, dynamic environment, with the ability to prioritize and manage multiple security incidents simultaneously.
• Exceptional problemsolving and decisionmaking abilities, with a proactive and resultsdriven mindset.
• Demonstrated ability in enhancing SOC processes and implementing best practices in security operations.
• Excellent leadership and team management skills, with the ability to inspire and guide teams in highpressure situations.
• Exceptional communication skills, capable of articulating complex security issues to senior leadership and nontechnical stakeholders.
• Relevant certifications such as CISSP, CISM, CISA, or GIAC certifications are highly desirable.