The Role
We are seeking a skilled and detail-oriented Assistant SOC Manager to support the operations of our multi-tenant Security Operations Center (SOC) within a Managed Security Services Provider (MSSP) environment.
This role involves managing SOC analysts, ensuring adherence to SOC policies and procedures, maintaining operational excellence through metrics, and staying ahead of the evolving threat landscape to protect our clients.
The Main Responsibilities
SOC Operations & Team Management
Oversee day-to-day SOC operations across multiple client environments, ensuring timely detection, analysis, and response to security incidents.
Supervise and mentor SOC analysts, fostering a culture of continuous improvement and technical excellence.
Ensure 24/7 coverage and shift coordination, including handover procedures and escalation protocols.
Policies, Procedures & Compliance
Assist in developing, maintaining, and enforcing SOC policies, standard operating procedures (SOPs), and incident response playbooks.
Ensure SOC activities align with regulatory requirements and client-specific compliance frameworks (e.g., ISO 27001, GDPR, PDPA).
Conduct periodic reviews and updates of SOC documentation to reflect changes in technology, threat landscape, and client needs.
Operational Metrics & Reporting
Define and track key performance indicators (KPIs) and service level agreements (SLAs) for SOC operations.
Generate and present operational dashboards and reports to internal stakeholders and clients, highlighting incident trends, response times, and SOC effectiveness.
Identify areas for improvement based on metrics and drive initiatives to enhance SOC performance.
Threat Intelligence & Landscape Awareness
Monitor global and regional threat intelligence feeds to stay informed of emerging threats, vulnerabilities, and attack techniques.
Collaborate with threat intelligence teams to contextualize threats for MSSP clients and integrate findings into detection and response strategies.
Support proactive threat hunting and red/blue team exercises to validate SOC readiness.
Client Engagement & Service Delivery
Act as a technical point of contact for clients during incident investigations and post-incident reviews.
Support onboarding of new clients, including log source integration, rule tuning, and documentation.
Ensure consistent and high-quality service delivery across all client engagements.
What We Look For in a Candidate
Education & Experience:
Bachelor’s degree in Cybersecurity, Computer Science, or related field.
5+ years of experience in cybersecurity, with at least 2 years in a SOC or MSSP environment.
Experience in managing or mentoring technical teams and working in client-facing roles.
Technical Skills:
Proficient in SIEM platforms (e.g., Splunk, QRadar, LogRhythm), EDR tools, and SOAR technologies.
Strong understanding of network security, malware analysis, and incident response methodologies.
Familiarity with multi-tenant environments and client-specific security requirements.
Experience with scripting and automation (e.g., Python, PowerShell) is a plus.
Soft Skills:
Strong leadership, communication, and interpersonal skills.
Ability to manage multiple priorities and client expectations in a fast-paced environment.
Excellent analytical and problem-solving abilities.
Preferred Certifications:
GIAC (e.g., GCIH, GCIA, GCFA), CEH, CISSP, or equivalent
Compensation