Job Title:  Associate Director | Security Information and Event Management (SIEM) | Hyderabad | Cyber Defense &

Your Work Profile:

• SOC Operations Management:

• Lead 24/7 operations of the MSSP SOC, ensuring continuous monitoring, analysis, and response to security incidents across multiple client environments.
• Manage and support a team of SOC analysts (Tier 1, Tier 2, Tier 3), incident responders, and engineers in handling security incidents for clients.
• Ensure that SLAs (Service Level Agreements) with clients are met, including response times, reporting, and incident resolution.
• Oversee shift management and ensure that the SOC is properly staffed to meet operational requirements.

• Incident Detection, Response, and Escalation:

• Oversee the detection, investigation, and response to security incidents within client environments.
• Ensure proper escalation of incidents to client contacts based on the severity and impact of the incident.
• Lead incident management processes, ensuring clear communication and effective coordination between SOC teams and clients during incidents.
• Conduct post-incident reviews, ensuring that root causes are identified and that lessons learned are incorporated into operational procedures.

• Customer Relationship Management:

• Serve as the primary point of contact for key client accounts, ensuring effective communication and alignment of security services with client expectations.
• Conduct regular client meetings to discuss SOC performance, incidents, and overall security posture.
• Provide reporting and metrics to clients on security operations, incident handling, and threat landscape updates.
• Address client concerns and feedback, ensuring a high level of customer satisfaction.

• Service Delivery Optimization:

• Continuously review and optimize SOC processes, workflows, and tools to improve efficiency and effectiveness.
• Implement automation and orchestration (SOAR) to streamline repetitive tasks and improve response times.
• Collaborate with security engineering teams to maintain, update, and fine-tune detection systems (SIEM, IDS/IPS, EDR) and ensure the SOC’s capabilities remain state-of-the-art.
• Implement proactive threat hunting and use case tuning to reduce false positives and increase detection accuracy.

• SOC Technology Management:

• Oversee the use and management of SOC tools such as SIEM, SOAR, EDR, threat intelligence platforms, and log management solutions.
• Ensure that log sources, alerts, and security data from client environments are properly ingested and monitored.
• Work with the engineering team to ensure that tools and technologies are up-to-date and meet the operational needs of the SOC and its clients.

• Team Leadership and Development:

• Lead, coach, and mentor the SOC team, providing training and professional development opportunities to enhance their skills and knowledge.
• Conduct performance evaluations, set goals, and provide feedback to SOC team members.
• Foster a culture of collaboration, knowledge sharing, and continuous improvement within the SOC team.
• Ensure team members are cross-trained on various tools and security technologies used within the MSSP SOC.

• Compliance and Reporting:

• Ensure SOC operations comply with industry standards and regulations (e.g., ISO 27001, PCI-DSS, GDPR) and client-specific security requirements.
• Provide regular and ad-hoc reports to clients, demonstrating SOC performance, incident details, threat trends, and service improvements.
• Manage audits and assessments of SOC processes and ensure that the SOC meets internal and external compliance requirements.

• Threat Intelligence and Continuous Improvement:

• Collaborate with the threat intelligence team to stay updated on the latest threats, vulnerabilities, and attack techniques.
• Incorporate threat intelligence into SOC workflows and detection use cases to improve threat detection capabilities.
• Lead efforts to refine and develop new use cases, alerts, and detection logic to ensure the SOC can effectively respond to emerging threats.

• Collaboration and Communication:

• Act as the bridge between the SOC team, other departments, and external partners, ensuring smooth communication and collaboration across the organization.
• Collaborate with the incident response, security engineering, and risk management teams to improve overall security posture.
• Engage with vendors and technology providers to optimize the SOC’s toolset and capabilities.

Key Skills Required:

• Education: Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree in Cybersecurity or Business Management is preferred.
• Experience:
• 12+ years of experience in cybersecurity, with at least 3+ years in SOC management or an equivalent leadership role.
• Experience working in an MSSP or managing security operations for multiple clients is preferred.
• Strong experience with security tools (SIEM, EDR, IDS/IPS), threat intelligence, and incident response.
• Proven track record of leading teams in a 24/7 SOC environment.
• Certifications: One or more of the following (or similar):
• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• GIAC (GCIH, GCIA, GSOC)
• CompTIA Security+
• CEH (Certified Ethical Hacker)