Senior Manager, SOC Operations
About the role
POSITION SUMMARY
We are seeking an accomplished Senior Manager of SOC Operations to oversee the Global Security Operations Centers across multiple locations, responsible for monitoring, detecting, and responding to threats impacting nearly three million endpoints within a multi-tenant environment. This leadership position requires extensive operational experience in large-scale settings, ideally within MSP or MSSP contexts, or similar managed multi-client environments. The Senior Manager will operate within a next-generation, AI-powered SOC, where they will lead and manage the response team, leveraging advanced artificial intelligence technologies to enhance detection, response, and overall security operations.
The successful candidate will be responsible for advancing operational excellence through the training and development of analysts, automation of routine tasks, proactive threat hunting, identifying and implementing improvements in tools and processes, and maintaining robust customer engagement to ensure exceptional service delivery and outcomes. This role is instrumental in scaling SOC capabilities while upholding precise and swift response times and driving ongoing enhancements in a rapidly evolving threat landscape.
Qualified candidates who demonstrate strategic vision in building high-performing teams, optimizing operations through automation, and delivering superior customer outcomes in managed environments are encouraged to apply.
KEY RESPONSIBILITIES
- Response Team Operations: Oversee day-to-day operations of a multi-location, global 24/7 SOC monitoring ~3 million endpoints, including human response following AI investigation, incident response, escalation processes, and performance metrics/KPIs across shifts and global teams.
- Team Development & Training: Recruit, mentor, and train SOC analysts and team leads, develop career progression paths, conduct regular skills assessments, and deliver ongoing training on tools and best practices.
- Process Automation: Identify and implement automation opportunities (e.g., via scripting, SOAR platforms, or custom playbooks) to reduce manual workload, improve efficiency, and minimize response times.
- Threat Hunting & Proactive Defense: Actively assist with and lead threat hunting initiatives; collaborate with analysts to hunt for advanced persistent threats, refine and optimize detection rules and alerting, and continuously tune customer environments.
- Continuous Improvement: Evaluate and recommend enhancements to SOC tools, technologies, processes, and workflows.