Security Operations Centre Manager (SOC)

at  UBDS Group

At UBDS Group, with our portfolio including UBDS Digital and Rayo, we are dedicated to fostering an entrepreneurial spirit by investing in innovators who harness technology to drive meaningful change.
The Security Operations Centre (SOC) Manager is responsible for overseeing the daily operations of the SOC team and ensuring the protection of UBDS’ and it’s customers’ information systems by monitoring, detecting, responding to, and recovering from security incidents. This role involves managing a team of SOC analysts and engineers, developing and refining SOC processes, and collaborating with other cybersecurity teams to ensure a comprehensive security posture.

ADDITIONAL REQUIREMENTS

• Availability to work outside of regular business hours as needed, particularly during security incidents.
• Ability to handle high-pressure situations and make decisions quickly.
• Strong ethical standards and a commitment to maintaining the highest levels of confidentiality and integrity.

• SOC Operations Management
• Oversee the daily operations of the SOC, ensuring 24/7/365 monitoring, detection, and response to security incidents.
• Lead the SOC team in handling security events, incidents, and vulnerabilities, ensuring timely and effective resolution.
• Develop and maintain SOC processes, including incident detection, investigation, response, and escalation procedures.
• Team Leadership and Development
• Manage, mentor, and develop a team of SOC analysts and engineers, providing guidance, training, and performance evaluations.
• Ensure the team is equipped with the necessary skills and knowledge to handle emerging threats and technologies.
• Foster a culture of continuous improvement and professional development within the SOC team.
• Technology and Tools Management
• Oversee the implementation, management and continual development of SOC technologies, including SIEM (e.g., Microsoft Sentinel, Splunk), EDR (e.g., Microsoft Defender for Endpoint), and SOAR (e.g., Palo Alto Cortex XSOAR).
• Ensure the integration of threat intelligence platforms, vulnerability management tools, and other security technologies into SOC operations.
• Collaborate with the IT and cybersecurity teams to optimize the use of security tools and ensure they are effectively supporting SOC activities.
• Incident Management
• Lead the incident response process, ensuring incidents are identified, contained, eradicated, and recovered in accordance with established protocols.
• Coordinate forensic investigations and root cause analysis for major incidents, working closely with the incident response team.
• Develop and refine incident response playbooks and ensure they are consistently followed by the SOC team.
• Continual Improvement
• Identify areas for improvement within the SOC and implement enhancements to processes, tools, and team capabilities.
• Stay up-to-date with the latest cybersecurity trends, threats, and technologies, and apply this knowledge to improve SOC operations.
• Conduct regular reviews of SOC performance metrics and incident reports, providing insights and recommendations to senior management.
• Compliance and Reporting
• Ensure that all SOC operations comply with relevant security standards (e.g., ISO27001, NIST, GDPR).
• Provide regular reports to senior management on SOC activities, including incident trends, SOC performance, and security posture.
• Lead audits of SOC processes and systems, ensuring alignment with industry best practices and regulatory requirements.
• Collaboration and Communication
• Act as the primary point of contact for SOC-related matters, liaising with other cybersecurity teams, IT, and business units.
• Coordinate with external partners, including third-party incident response teams and threat intelligence providers.
• Represent the SOC in meetings with senior management and external stakeholders, providing insights on security operations and risk management.