Job Description
The SOC & Managed Risk Manager is responsible for leading and overseeing the Security Operations Center (SOC) and Managed Risk Services functions in a multi-tenant managed security environment.
This role ensures the efficient delivery of 24/7 threat detection and incident response while also managing vulnerability, risk, and compliance monitoring for multiple enterprise clients.
The position requires a balance of technical SOC leadership, client engagement, and risk management oversight, ensuring service excellence and continuous security improvement for all clients.
Key Responsibilities
1. SOC Operations & Incident Management
Lead day-to-day SOC operations across multiple clients, ensuring proactive monitoring, detection, and response to cyber threats.
Manage the SOC team (Tier 1–3 Analysts, Threat Hunters, and Incident Responders) to meet service SLAs and maintain quality standards.
Oversee incident triage, escalation, and post‑incident reviews (PIR) with clients and internal teams.
Continuously improve detection rules, playbooks, and SOAR automation workflows.
2. Managed Risk Operations
Oversee vulnerability management services including scanning, assessment, and remediation tracking across client environments.
Manage the delivery of Managed Risk services, such as Vulnerability Assessment & Reporting, Risk Scoring & Prioritization, Patch Management Advisory, and Continuous Attack Surface Monitoring.
Ensure all risk‑related deliverables meet client expectations and align with contractual SLAs.
Correlate SOC findings with vulnerability and risk data to provide clients with holistic security insights.
3. Client Relationship & Reporting
Act as a key point of contact for clients for both SOC and Managed Risk services.
Deliver monthly and quarterly reports on incident trends, vulnerabilities, risk posture, and security improvement recommendations.
Conduct regular review meetings with clients (QBR – Quarterly Business Reviews).
Work with sales and pre‑sales teams to identify new opportunities for service expansion.
Integrate threat intelligence feeds into both SOC detection and risk assessment workflows.
Use analytics to correlate active threats with vulnerable assets to prioritize response.
Maintain awareness of emerging threats, CVEs, and global cybersecurity trends that may affect clients.
5. Quality, Governance, and Compliance
Maintain up-to-date documentation for SOC and Managed Risk processes (SOPs, SLAs, and Runbooks).
Ensure compliance with international standards such as ISO 27001, ISO 20000, NIST CSF, and CIS Controls.
Support internal and client‑facing security audits.
Implement continuous improvement programs to enhance service quality and efficiency.
6. People & Capability Management
Train and develop team members in both SOC and Risk Management disciplines.
Manage certifications and skill development plans for analysts and risk consultants.
Foster a culture of proactive defense, collaboration, and innovation.
Job Requirements
Bachelor’s / Master’s degree in Computer Science, Information Security, or a related field; Cybersecurity Management, Risk Management, or IT Governance is an advantage.
Minimum 5–10 years of professional experience in cybersecurity, with at least 3 years in SOC management and 2+ years in risk or vulnerability management.
Proven experience managing multi-tenant environments within an MSSP or large enterprise.
Strong understanding of: SIEM, SOAR, and EDR platforms; vulnerability management tools (Tenable, Qualys, Rapid7, etc.); risk frameworks and methodologies (ISO 27005, NIST RMF, FAIR).
Strong leadership and team‑building skills across multi-disciplinary teams.
Excellent client communication and executive presentation ability.
Strategic mindset with hands‑on problem‑solving skills.
Able to prioritize and manage multiple client engagements simultaneously.
High emotional intelligence and stakeholder management capability.
Certifications (Preferred)
CompTIA Security+, CEH, or GCIH.
CISSP, CISM, CRISC.
GIAC (GCIA, GCFA, GRID).
Seniority Level
Mid‑Senior level
Employment Type
Full-time
Job Function
Consulting and Information Technology
Industries
IT Services and IT Consulting