Tech Mahindra

SOC Manager

Qatar · Full-time · Mid-Senior

Title: Security Operations Centre (SOC) Manager

Location: Qatar

Experience: 8+

Working Mode: On-site


Company Profile:

Tech Mahindra represents the connected world, offering innovative and customer-centric information technology experiences. We Rise together to create sustainable businesses that can bring about lasting change in our communities to create an equal world, to be future ready, and to create value. We are 152,000+ professionals across 90 countries, helping 1297 global customers including Fortune 500 companies.


Job Description:

The SOC Manager is responsible for overseeing the day-to-day operations of the Security Operations Centre (SOC) within an organization. This role involves managing a team of security analysts and engineers to ensure the continuous monitoring, detection, analysis, and response to security threats and incidents. The SOC Manager ensures that the organization’s security posture is strong and that incidents are addressed efficiently and effectively. This role requires strong leadership, communication, and technical expertise in cybersecurity operations.


Key Responsibilities:

Team Leadership & Management:

  • Lead, mentor, and manage the SOC team (Tier 1, Tier 2, and Tier 3 analysts) to ensure the effective operation of the SOC.
  • Establish clear objectives, KPIs, and performance metrics for the SOC team.
  • Oversee staffing levels, training, and skill development to ensure that the team has the necessary capabilities to address emerging threats.
  • Conduct regular performance reviews, provide feedback, and foster a culture of continuous improvement and collaboration within the team.


Incident Detection & Response:

  • Oversee the real-time monitoring of security events and incidents across the organization’s network, systems, and applications.
  • Ensure proper triage and escalation of incidents to the appropriate internal teams for investigation and remediation.
  • Ensure that all security incidents are documented, tracked, and reported accurately.
  • Provide guidance during high-severity incidents, ensuring appropriate response and resolution.
  • Collaborate with other departments (IT, legal, compliance, etc.) for incident response and business continuity.


SOC Operations & Strategy:

  • Develop and refine incident detection and response procedures, workflows, and escalation protocols.
  • Ensure the continuous improvement of SOC processes by identifying gaps and implementing best practices.
  • Maintain and update standard operating procedures (SOPs) for the SOC team to ensure effective and consistent response to security incidents.
  • Develop and implement strategies for threat hunting, vulnerability management, and security event correlation.
  • Manage the integration and configuration of SOC tools (SIEM, endpoint detection, network monitoring, etc.) and ensure they meet the organization's security needs.


Collaboration & Communication:

  • Serve as the primary point of contact between the SOC team and senior leadership, providing regular updates on incident status, trends, and emerging threats.
  • Work closely with IT, network, and system teams to ensure security measures are implemented and adhered to.
  • Collaborate with internal stakeholders to identify business risks and ensure that SOC activities align with business priorities.
  • Maintain relationships with external partners, such as Managed Security Service Providers (MSSPs), threat intelligence vendors, and law enforcement.


Security Monitoring & Threat Intelligence:

  • Oversee the monitoring of security events and logs from various sources (firewalls, IDS/IPS, SIEM, etc.) to identify potential threats.
  • Ensure that the SOC team is actively engaging in threat intelligence sharing, monitoring emerging threats, and utilizing external threat intelligence feeds.
  • Drive the development of proactive threat-hunting initiatives to identify and mitigate potential security threats before they become incidents.


Reporting & Compliance:

  • Ensure that security incidents are reported in accordance with organizational policies, legal requirements, and regulatory standards.
  • Generate and present regular reports on SOC activities, security incidents, and metrics to senior management and other stakeholders.
  • Ensure compliance with relevant regulations (e.g., GDPR, PCI-DSS, HIPAA) by aligning SOC activities with regulatory requirements.
  • Oversee the reporting of security metrics, key performance indicators (KPIs), and incident reports to stakeholders.


Continuous Improvement & Risk Management:

  • Implement post-incident reviews (PIRs) to assess the effectiveness of the SOC's response and identify opportunities for improvement.
  • Lead efforts to refine and enhance SOC capabilities, including toolsets, threat detection, and automation.
  • Stay up to date with the latest cybersecurity trends, threats, and technologies, and incorporate these into SOC operations to enhance detection and response.
  • Develop and oversee the execution of security awareness programs for the


Required Skills and Qualifications:

Education: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field, or equivalent experience.


Experience:

  • Minimum of 7-10 years of experience in security operations, with at least 5 years in a leadership or managerial role in a SOC.
  • Hands-on experience in incident detection, response, and management using SIEM platforms, firewalls, IDS/IPS, endpoint detection tools, etc.
  • Experience with network and system security, threat intelligence, and vulnerability management.
  • Knowledge of security frameworks and compliance standards (NIST, ISO 27001, SOC 2, PCI-DSS, etc.).
  • Proven experience leading a team in high-pressure environments and responding to security incidents.


Technical Skills:

  • Expertise with SIEM platforms (e.g. LogRhythm, Splunk, QRadar) and incident response tools.
  • Knowledge of network security protocols, firewall configurations, and intrusion detection/prevention systems (IDS/IPS).
  • Familiarity with endpoint security technologies (EDR, antivirus, etc.) and their integration with the SOC.
  • Understanding of scripting and automation tools to streamline SOC workflows (e.g., Python, PowerShell, Ansible).
  • Strong knowledge of the cybersecurity threat landscape and common attack vectors (e.g., phishing, malware, DDoS).


Preferred Skills:

  • Certifications such as CISSP, CISM, CISA, GIAC, or other relevant cybersecurity certifications.
  • Experience with cloud security, including security management of cloud environments (AWS, Azure, GCP).
  • Familiarity with advanced threat detection techniques, such as behavioral analysis and threat hunting.
  • Experience in implementing and managing security automation and orchestration platforms.


Soft Skills:

  • Strong leadership, communication, and interpersonal skills.
  • Ability to manage multiple priorities and projects in a fast-paced, dynamic environment.
  • Strong problem-solving and decision-making abilities.
  • Excellent written and verbal communication skills for reporting and presenting security issues and strategies to executive leadership.


If you’re interested in the above job description, please respond with your comfortable time and I will connect for more details. Mail ID: [email protected].

Posted: Jun 19, 2025

Type: Full-time

Level: Mid-Senior

Location: Doha

Industries: IT Services, IT Consulting

Categories: Information Technology
