Security Operations Center Manager - Cybersecurity

Job Title : Security Operations Center Manager - Cybersecurity

Department : Cyber Security

Employment Type : Full-Time (Work from Office)

Shift : 24 / 7 Rotational

Location : Greater Noida, Noida

Experience : 8-15 Years

Role Summary :

The Security Operations Center Manager - Cybersecurity is responsible for end-to-end SOC operations including SLA governance, shift management, detection & response oversight, stakeholder communication, and process improvement. The role ensures 24 / 7 operational excellence, leads multi-level SOC teams, manages incidents, and drives SOC maturity, automation, and compliance.

Key Responsibilities :

• Lead 24×7 SOC operations, ensuring SLA compliance and high-quality service delivery.
• Manage incident lifecycle : detection, triage, IR, RCA, recovery, closure.
• Lead major incident war rooms (P1 / P2) and approve final RCA reports.
• Oversee SIEM, SOAR, EDR, TIP tools and drive automation & optimization.
• Lead detection engineering efforts—use case development, tuning, false-positive reduction.
• Integrate threat intelligence feeds and ensure effective correlation.
• Govern SOC SOPs, playbooks, and documentation; ensure audit readiness.
• Manage client communication, QBRs, escalations, onboarding, and service reviews.
• Ensure compliance with ISO 27001, ISO 22301, PCI DSS, RBI / SEBI / NCIIPC, GDPR, DPDPA.
• Drive SOC KPIs, dashboards, reporting, and data-driven improvements.
• Oversee multi-tenant SOC operations and ensure data segregation.
• Manage vendors, budgets, resources, and future capacity planning.
• Own SOC BCP / DR strategy and conduct periodic failover drills.
• Lead training, knowledge management, and team skill development.

Required Qualifications :

Education

Bachelor’s degree in Cybersecurity, IT, CS, E&TC, or equivalent.

Master’s degree in Cybersecurity, Information Security, IT, CS, E&TC (preferred).

Digital Forensics background (optional but valued).

Certifications

Mandatory :

CISSP

DevSecOps exposure

Good to Have :

CISM, ITIL, GCIA, GCIH, BTL2, SC-200 / SC-100, AWS Security, CCSP, Splunk Architect, Microsoft Sentinel, QRadar, XSOAR / Siemplify Admin.

Technical & Tool Expertise :

SIEM : Splunk, QRadar, Sentinel, LogRhythm, ArcSight

SOAR : XSOAR, IBM Resilient, Splunk SOAR, Siemplify

EDR / XDR : CrowdStrike, SentinelOne, Defender, Trellix

TI : MISP, Anomali, Recorded Future

Ticketing : ServiceNow, Jira, TheHive

Dashboards : Power BI, Kibana, Grafana

Vulnerability / Asset Tools : Qualys, Tenable, Rapid7