Lead and manage 24x7 SOC operations including monitoring, detection, triage, investigation, containment, and response activities. • Develop and maintain SOC operational procedures, workbooks, playbooks, runbooks, escalation matrices, and incident handling standards. • Ensure continuous monitoring of security events, alerts, and incidents across enterprise infrastructure, endpoints, applications, and cloud environments. • Establish and track SOC KPIs, SLAs, MTTR, MTTD, and operational effectiveness metrics. • Conduct regular SOC maturity assessments and implement continuous improvement initiatives by effective use-case tuning, alert correlation, and threat hunting activities. • Manage SOC staffing, shift planning, analyst development, and operational coverage. • Oversee detection and response activities for cybersecurity incidents including malware, ransomware, phishing, insider threats, unauthorized access, data exfiltration, and cloud security events. • Lead incident response coordination during major security incidents and cyber crises. Technical Skills • Hands-on expertise with: o Microsoft Sentinel, Kusto Query Language (KQL), Microsoft Defender XDR. o Expertise in Cyber Security attacks, tools & techniques, and experience with Advanced Threat management. o Experience in SIEM tools, SOAR and Threat Intelligence platforms. o Knowledge of various operating system flavors, Applications, Databases, Middleware to address security threats against the same. o Experience/knowledge in Digital Forensics. o Exposure to Cloud, Mobile and other latest technologies. o Identity and access management principles. o Cloud security management Qualifications • 8+ years of cybersecurity experience with at least 3–5 years in SOC leadership or management roles. • Experience managing enterprise SOC operations • Strong experience with cloud security operations and Microsoft security ecosystem. • Security related certifications. Soft Skills • Strong leadership and team management capabilities • Excellent analytical and problem-solving skills • Effective stakeholder communication and reporting skills • Ability to work under pressure during critical incidents • Cross-functional collaboration abilities
