Job Description

Job Title: Security Operations Center (SOC) Manager L3
Location: Navi Mumbai / Mumbai
Department: Security Operations
Job Type - Contract to Hire
Job Summary:
The SOC Operations Manager is responsible for managing day-to-day operations of the Security Operations Center. This role acts as the single point of contact for all operational issues, coordinates incident management, supervises the SOC team, and ensures timely resolution of security incidents. The manager will work closely with technical teams, customers, and multiple stakeholders to maintain network and security stability, improve processes, and deliver excellent customer service.
Key Responsibilities:

• Act as the primary point of contact for all operational issues within the SOC and coordinate technical issues with internal teams and customers.
• Manage and oversee network and security operations, proposing and implementing best practice solutions for improved SOC efficiency.
• Lead incident management efforts including coordination of incident calls, escalation, and resource allocation to resolve security events swiftly.
• Maintain visibility with senior management by providing regular updates and governing the SOC team aligned with customer environment needs.
• Document and escalate incidents with detailed history, status, and potential impact to the SOC and relevant stakeholders.
• Create and maintain operational procedures, runbooks, and work instructions to ensure smooth SOC functions.
• Arrange training and mentoring programs for SOC analysts (L0/L1/L2) to enhance skills and understanding of security architecture.
• Provide customers with timely updates on escalated security incidents and ensure commitments are met.
• Monitor case resolution and follow up on open action items weekly to ensure timely closure.
• Document weekly and monthly SOC activity and progress for governance and review calls.
• Drive process improvements and perform performance analysis to optimize SOC operations.
• Manage SOC personnel and resources effectively to meet team objectives.
• Collaborate with external support teams, such as vendor post-sales teams, to ensure effective resolution of incidents.
• Supervise daily ticketing operations and ensure quality handling of security alerts and trouble tickets.
• Coordinate network maintenance, change management, and schedules to minimize security risks.
• Organize and conduct regular meetings (weekly, monthly, quarterly) to present performance reports and address customer support needs.
• Ensure network and security stability by enforcing processes and procedures within the SOC.
• Provide leadership and motivation to the SOC team, focusing on objective-driven performance.
• Work closely with other departments to foster cross-functional collaboration and synergy.

Day-to-Day Activities:

• Manage critical incident response and coordinate with technical teams and TAC (Technical Assistance Center) as required.
• Analyze IM/RF/CR tickets and assign to appropriate team members for closure; monitor ticket quality.
• Conduct regular health checks and automated incident management analysis, providing feedback for corrective action.
• Lead daily team calls to discuss progress, pending issues, and improvement points.
• Monitor and respond to escalated emails promptly.
• Allocate and manage resources according to scheduled activities and troubleshooting needs.
• Continuously enhance processes to improve daily SOC activities.
• Audit and close pending action points.
• Assign and follow up on tasks related to planned changes with team members and leads.
• Oversee change management processes including end-to-end follow-up and approval until the CAB (Change Advisory Board) call.
• Conduct alternate day calls with vertical heads to review progress and pending items.
• Organize and lead CAB calls to present planned changes.
• Manage team roster, resource allocation, and leave to maintain coverage.
• Coordinate with multiple stakeholders and external teams to meet operational requirements.
• Follow up on ongoing issues and collaborate with teams like Data Center and ISP for upgrades and modifications until resolution.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Relevant certifications such as CISSP, CISM, CEH, or equivalent preferred.
• Minimum 10 years of experience in managing 24/7 SOC teams.
• Strong knowledge of incident management, change management, and network security principles.
• Experience with SIEM tools, threat intelligence platforms, and ticketing systems.
• Excellent communication, leadership, and stakeholder management skills.
• Ability to work under pressure and manage multiple priorities.

Skills Required