SOC Manager

4 days ago Be among the first 25 applicants Get AI-powered advice on this job and more exclusive features. Direct message the job poster from Graybox Security SOC Manager Location: Remote / Anywhere in the Philippines Employment Type: Full-Time | Senior-Level | Flexible Shifts (24x7 Coverage) Industry: Cybersecurity / Managed Security Operations Center (MSOC) About Us Graybox Security is a trusted information security, data privacy, and cybersecurity firm dedicated to protecting organizations from evolving digital threats. We offer expert-driven solutions to help businesses safeguard their assets, maintain compliance, and ensure operational resilience. Specializing in cybersecurity consulting and managed security services, we provide advanced capabilities such as Managed Detection and Response (MDR) and Managed Security Operations Center (MSOC) for 24/7 threat monitoring and protection. Founded by industry professionals with decades of experience and leadership in ISO, OWASP, CIS, Graybox Security supports clients from S&P 500 enterprises to SMEs and government agencies with proactive and scalable security solutions. Why Join Us? Learn from the best: Work alongside and learn from top-tier cybersecurity specialists from a leading expert security firm. Premium Certifications & Training: Gain access to certifications like CompTIA, EC-Council, and exclusive internal cybersecurity programs. Personalized Mentorship: Receive coaching from some of the Philippines’ best security professionals. Flexible, People-First Culture: Experience a work environment that supports your career and personal development. Cutting-Edge Technology: Work with AI-driven security technologies in a modern MSOC environment. Role Overview The SOC Manager is a critical, leadership-level role responsible for the entire operation and strategic direction of the Managed Security Operations Center (MSOC). This role requires a blend of technical expertise, exceptional people management skills, and a strategic understanding of threat landscapes and customer service delivery. The Manager is accountable for the performance of the L1/L2/L3 teams, maintaining service delivery quality, continuous process improvement, major incident management, and serving as the primary technical escalation point for high-severity incidents and customer management. Key Responsibilities Financial Management: Responsible for managing the SOC's budget, optimizing resources, and ensuring cost-effective operations while aligning security goals with the organization's financial objectives. Performance Management: Oversee the day-to-day operations of the SOC team (L1, L2, L3 Analysts), including scheduling, shift management, performance reviews, and training/mentoring to ensure high standards of technical excellence and incident handling. Operational Excellence: Define, refine, and enforce SOC processes, Standard Operating Procedures (SOPs), and Playbooks to ensure consistency, efficiency, and adherence to Service Level Agreements (SLAs). Major Incident Commander: Serve as the ultimate escalation point for all high-severity/critical incidents, taking command of the War-Room to drive containment, eradication, and recovery efforts. Quality Assurance: Conduct regular reviews of high-fidelity incidents, Root Cause Analysis (RCA), and forensic reports to ensure accuracy, completeness, and alignment with frameworks like MITRE ATT&CK. Strategic & Customer Engagement Customer Relationship: Act as the primary technical point of contact for customer management, providing executive-level incident summaries, post-mortem analysis, and remediation guidance. Threat Intelligence & Hunting: Guide the L3 analysts on proactive Threat Hunting strategies and ensure that Cyber Threat Intelligence (CTI) is effectively integrated into the detection and response lifecycle. Technology & Automation: Oversee the utilization and optimization of the core Security Ecosystem tools (SIEM/XDR, EDR, SOAR, CTI, Incident Management). Drive initiatives to increase SOAR Automation enhancements and adoption for faster and more consistent response actions. Reporting & Compliance Metric Reporting: Develop and present regular operational and security metrics to internal stakeholders and customers, highlighting key performance indicators (KPIs), threat trends, and risk reduction progress. Audit Readiness: Ensure all incident documentation and processes meet regulatory and compliance requirements. Qualifications & Skills Proven min. 4 years SOC leadership and team management experience, including scheduling, mentoring, performance reviews, defining and enforcing SOC processes, SOPs, playbooks, and meeting SLAs. Min 5 years experience and solid knowledge of incident response, forensic investigations, root cause analysis, crisis management and war-room leadership capabilities. Ability to engage with customers, provide executive incident summaries, and oversee remediation guidance. Skills in guiding threat hunting and integrating cyber threat intelligence effectively into SOC workflows. Proficiency in managing and optimizing security tools such as SIEM/XDR, EDR, SOAR, and CTI platforms, and driving automation adoption. Strong capabilities in operational and security metrics reporting and ensuring audit and compliance readiness. Relevant certifications (e.g., CISSP, GIAC, or equivalent) and solid understanding of frameworks like MITRE ATT&CK. Excellent communication, problem-solving, and multitasking skills with a balance of technical and strategic acumen. Strong budget and resource management skills to ensure cost-effective SOC operations aligned with business goals. Referrals increase your chances of interviewing at Graybox Security by 2x #J-18808-Ljbffr