Job Description

Job Title : VP - SOC Manager
Experience : 15-20 Years
Location : Mumbai




Key Responsibilities:



Lead and manage a 24x7 SOC team across shifts, ensuring continuous operational coverage. Oversee threat monitoring, detection, analysis, incident response, and vulnerability management. Establish, document, and continuously improve SOC processes, playbooks, and workflows for effective incident handling. Manage relationships with global/regional stakeholders, business units, and drive SOC service expansion at the group level while ensuring compliance with regulations such as DORA and MAS. Collaborate with internal IT, legal, compliance, risk teams, and external parties during investigations and incident responses. Drive use case development, detection tuning, and threat hunting using SIEM, SOAR, and threat intelligence platforms. Implement SOC control objectives and lead continuous improvements in SOC metrics, KPIs, SLAs, and service performance. Conduct threat modeling, incident simulations (e.g., tabletop exercises), and post-incident reviews to strengthen defenses. Evaluate and recommend tools, technologies, and services to enhance SOC capabilities and effectiveness. Ensure adherence to relevant security standards and frameworks (e.g., ISO 27001, NIST, GDPR). Mentor and develop SOC analysts through structured coaching, training, and career development programs. Support audits by providing required evidence and documentation. Develop and manage automation tools, scripts, and processes for cyber risk monitoring and intelligence gathering. Create metrics and executive reports for senior leadership visibility. Manage projects within the Intelligence Lifecycle, ensuring proper documentation. Flexibility to work during off-hours or weekends when necessary.


Requisites:
Strong expertise across security domains including Security Operations Center (SOC), Incident Response, Threat Intelligence, Digital Forensics, Threat Hunting, and Malware Analysis. Proven track record of managing security events in mission-critical environments, providing hands-on troubleshooting, deep analysis, and technical guidance to resolve incidents within defined SLAs. Practical experience with MITRE ATT&CK framework and incident response methodologies such as NIST and SANS. In-depth knowledge of enterprise detection tools and processes, including Advanced Threat Detection, IDS/IPS, Network Packet Analysis, and Endpoint Protection. Proficient in SIEM, EDR, Data Lakes, and UEBA platforms such as ArcSight, QRadar, ElasticSearch, and SOAR solutions, with capability to assist teams in complex investigations and operational challenges. Skilled in the complete Use Case Management lifecycle, with continuous monitoring of emerging threats to enhance SOC monitoring capabilities. Experienced in managing day-to-day SOC operations, including security monitoring, data correlation, threat detection, and cloud monitoring. Strong background in implementing and monitoring cloud security controls for AWS and Azure environments. * Advanced understanding of network protocols, operating systems (Windows, Unix, Linux), and databases.