Job Description

Job Summary: We are seeking a dynamic and experienced Cybersecurity SOC Group Head to lead and oversee the operations, strategy, and continuous improvement of our 24/7 Security Operations Center. This role is critical to managing cyber threats, detecting and responding to incidents, and ensuring the overall security posture of the organization. The ideal candidate will bring a strategic vision, deep technical expertise, and strong leadership to transform and evolve SOC capabilities. Qualifications: Bachelors or Master s degree in Computer Science, Information Security, or related field. Minimum 12+ years of cybersecurity experience, with at least 5+ years in SOC leadership roles. Proven experience managing large SOC teams in enterprise environments or MSSP settings. Strong knowledge of SIEM (e.g., Splunk, Qradar, MS Sentinel ), SOAR, EDR (e.g., CrowdStrike,Microsoft Defender for Endponts), and cloud security. Deep understanding of attack vectors, threat landscapes, and incident response lifecycle. Relevant certifications such as CISSP, CISM, GIAC, or SANS GCIH/GSOC preferred. Soft Skills: Excellent leadership, people management, and conflict resolution skills. Strong communication and reporting abilities for executive-level stakeholders. Ability to work under pressure during high-stress cyber incidents. Preferred Experience: Experience in multi-tenant SOC environments or MSSPs. Familiarity with OT/ICS security (for industrial environments) is a plus. Global experience across multiple geographies and regulatory landscapes. Strategic Leadership: Define the vision, strategy, and roadmap for SOC operations in alignment with enterprise cybersecurity goals. Drive maturity improvements using NIST CSF, MITRE ATT&CK, and other industry frameworks. Oversee budget planning, resource allocation, and SOC capability development. Operations Oversight: Manage daily SOC operations, including threat monitoring, detection, triage, incident response, and escalation. Lead efforts to enhance SOC processes, use cases, and threat detection logic. Establish and enforce KPIs, SLAs, and operational metrics to evaluate performance. Team Management: Build and lead a team of SOC analysts, incident responders, threat hunters, and shift leads. Develop training programs and career paths to upskill and retain top cybersecurity talent. Establish a 24/7 shift model (if not already implemented) and ensure coverage during cyber crises. Technology & Tools: Oversee and optimize the use of SIEM, SOAR, EDR, XDR, and threat intelligence platforms. Collaborate with engineering and IT teams to integrate data sources and enrich detection capabilities. Lead initiatives to automate repetitive tasks and enhance alert quality through use of ML/AI where applicable. Incident Management: Serve as executive escalation point for critical incidents and major breaches. Coordinate with IR teams, forensic experts, legal, PR, and compliance during high-impact events. Conduct post-incident reviews and ensure root cause remediation. Collaboration & Compliance: Act as the SOC representative in internal audits, regulatory assessments, and external engagements. Collaborate with threat intelligence, GRC, infrastructure, and application security teams. Ensure alignment with compliance requirements such as ISO 27001, NIST, GDPR, HIPAA, etc.