Manager, IT - SOC

Title

Manager, IT – SOC

The Manager, IT SOC leads and develops a global Security Operations Center team, ensuring 24/7 security monitoring, effective incident response, and proactive vulnerability management across the organization. The role provides technical leadership, operational governance, and strategic direction to protect the company’s infrastructure, cloud environments, applications, and data from cyber threats.

• Lead and manage the global SOC team of analysts across multiple time zones.
• Ensure continuous monitoring of security events using SIEM, EDR/XDR, NDR, and cloud security tools.
• Define, maintain, and optimize SOC processes, playbooks, and runbooks.
• Improve detection use cases to reduce false positives and increase coverage.
• Manage SOC KPIs and SLAs (MTTD, MTTR, alert volume, incident closure rates).
• Oversee security incident handling from triage to containment, eradication, and recovery.
• Act as escalation point for major incidents and coordinate with IT, Infosec, Business, Legal, and Communications teams.
• Lead post‑incident reviews and implement remediation plans.
• Coordinate with external partners such as MDR providers, forensics firms, and law enforcement when required.
• Collaborate on vulnerability management lifecycle: scanning, prioritization, remediation tracking, and reporting.
• Work with infrastructure, cloud, and application teams to ensure timely patching and risk mitigation.
• Define vulnerability SLAs based on risk and business criticality.
• Contribute to security policies, standards, and operating procedures.
• Support audits and regulatory requirements (ISO 27001, NIST, SOC2, PCI DSS, GDPR, HIPAA, FEDRAMP, IRAP).
• Maintain documentation and evidence for security operation controls.
• Own SOC tooling strategy and evaluate new security technologies.
• Drive automation and orchestration to improve SOC efficiency.
• Manage and mentor SOC analysts across regions and time zones.
• Define shift models, on‑call rotations, and coverage strategy.
• Conduct performance reviews, training plans, and career development.
• Produce executive‑level security operations reports and dashboards.

• Bachelor’s degree preferred with minimum 10 years of relevant experience, OR Master’s degree with minimum 8 years, OR equivalent combination.
• 7–12+ years in cybersecurity with 3–5+ years in SOC or security operations leadership.
• Proven experience managing distributed/global security teams.
• Strong background in incident response, security monitoring, and vulnerability management.
• U.S. Citizen or Permanent Resident (no sponsorship).
• Relevant certifications (GIAC, OSCP, HTB) preferred.
• Mastery of SIEM platforms (Splunk, Microsoft Sentinel, QRadar, Elastic), EDR/XDR solutions, and cloud security monitoring.
• Proficiency with vulnerability management tools and knowledge of NIST, MITRE ATT&CK, ISO 27001, SOC2, CIS benchmarks, ITIL.
• Basic knowledge of SOAR, threat intelligence platforms, and security automation.
• Experience with cloud platforms (Azure, AWS, GCP) and web application & database security.

• Strong leadership and people‑management skills.
• Process‑driven, comfortable with crisis management and problem solving.
• Excellent communication and documentation abilities.
• Team player adept at working in multicultural, global teams and across time zones.

Base range: $108,750 – $181,250 per year.

Additional compensation may include an uncapped commission plan.

Benefits include medical, dental, vision, and retirement with company match.

As set forth in Ivalua’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.