SOC Manager

Job Description

Responsibilities

  • Own day-to-day MDR SOC operations (24×7), including L2/L3 analysts.
  • Enforce investigation methodology, signal-chaining logic, and escalation standards.
  • Guarantee accuracy of detections, severity scoring, and incident classification.
  • Act as final escalation authority for critical incidents and client-impacting events.
  • Drive continuous reduction of noise, false positives, and redundant detections.
  • Ensure consistent, high-quality case documentation and client-facing narratives.
  • Oversee SOC interaction with the platform outputs (signals, chains, ATHs, incidents).
  • Partner with Engineering on detection tuning, content gaps, and platform improvements.
  • Lead SOC staffing, rotations, training, and performance management.
  • Own SOC KPIs: MTTD, MTTR, SLA adherence, signal quality, analyst efficiency.
  • Represent SOC capability during audits, client reviews, and executive briefings.

Qualifications

  • 7+ years in SOC / MDR / Blue Team operations.
  • 3+ years managing analysts in a managed detection environment.
  • Strong hands-on incident response and attacker behavior analysis.
  • Experience operating SIEM, EDR, threat intel, and MDR platforms.
  • Proven ability to communicate clearly with CISOs and executives.
  • Experience in high-trust, client-facing security operations.

What Success Looks Like

  • Clients trust detections without second-guessing.
  • SOC output is consistent, explainable, and defensible.
  • Noise is controlled; real risk is surfaced early.
  • Analysts scale without quality degradation.

2026-03-17 09:56:29