Security Operations Manager (SOC Manager)

$$$$
Product

We are looking for a Security Operations Manager to lead, mature, and operate our resilient security operations capability. In this role, you will own the defense of our environment, ensuring fast and precise threat detection, investigation, containment, and exposure reduction. You will lead our security operations function, making the organization faster in responding to threats while continuously improving controls across the attack surface.

 

Responsibilities

  • Own Cyber Defense execution across SOC, detection engineering, incident response, and exposure remediation
  • Lead alert triage quality, escalation standards, incident command, and response coordination
  • Prioritize critical vulnerabilities and exposures using asset criticality, exploitability, and business impact
  • Manage Cyber Defense dashboards, runbooks, remediation follow-up, and operational metrics
  • Coordinate with IT, Platform, IAM, Product, GRC, Legal, and business owners during incidents and remediation
  • Build and develop the Cyber Defense team, including hiring, onboarding, mentoring, and retaining security talent
  • Drive continuous improvement of detection coverage, response playbooks, and security controls based on lessons learned and threat intelligence
  • Report on Cyber Defense performance, incidents, and risk posture to security leadership and stakeholders

 

Requirements

  • 10+ years of experience in Information Security
  • 3+ years in a security management or team lead role with direct people management experience
  • Hands-on experience managing SOC operations, leading incident command, and driving MTTD/MTTR improvement
  • Ability to design, validate, and maintain detection logic across SIEM, EDR, and cloud platforms, with a deep understanding of runbook development and false-positive reduction
  • Knowledge of top attack scenarios (ATO, credential theft, privilege escalation, data exfiltration) and ability to map detections to threat models like MITRE ATT&CK
  • Experience prioritizing vulnerabilities using CVSS and asset criticality to reduce exposure aging
  • Hands-on experience with at least one enterprise SIEM (Splunk, Microsoft Sentinel, Chronicle, Elastic) and SOAR tooling
  • Understanding of cloud-native security controls and monitoring in AWS, GCP, or Azure
  • Understanding of IAM, PAM, SSO, and identity-related attack vectors relevant to detection and response
  • Ability to define, track, and communicate security KPIs and operational dashboards to technical and executive audiences
  • English - Upper-Intermediate or higher

 

Will be a plus

  • Experience in fintech, e-commerce, or other high-risk industries with complex threat landscapes
  • Hands-on background as a SOC analyst, incident responder, or detection engineer prior to moving into management
  • Experience building a SOC or Cyber Defense function from scratch or significantly maturing an existing one
  • Familiarity with threat intelligence platforms and threat-informed defense methodologies
  • Relevant certifications: CISSP, CISM, GIAC (GSOM, GCED, GCIH) or equivalent

 

We offer

  • 20 paid vacation days per year
  • 10 paid sick leave days per year
  • Public holidays as per the company’s approved Public holiday list
  • Medical budget
  • Opportunity to work remotely
  • Professional education budget
  • Language learning budget
  • Wellness budget (gym membership, sports gear and related expenses)

Required languages

English B2 - Upper Intermediate
Ukrainian Native
Published 9 July
9 views
Β·
1 application
To apply for this and other jobs on Djinni login or signup.
Loading...