IT SOC / MDRR Manager

The SOC & Managed Risk Manager is responsible for leading and overseeing the Security Operations Center (SOC) and Managed Risk Services functions in a multi-tenant managed security environment.This role ensures the efficient delivery of 24/7 threat detection and incident response while also managing vulnerability, risk, and compliance monitoring for multiple enterprise clients.The position requires a balance of technical SOC leadership, client engagement, and risk management oversight, ensuring service excellence and continuous security improvement for all clients.Key Responsibilities=============1. SOC Operations & Incident ManagementLead day-to-day SOC operations across multiple clients, ensuring proactive monitoring, detection, and response to cyber threats.Manage the SOC team (Tier 1–3 Analysts, Threat Hunters, and Incident Responders) to meet service SLAs and maintain quality standardsOversee incident triage, escalation, and post-incident reviews (PIR) with clients and internal teams.Continuously improve detection rules, playbooks, and SOAR automation workflows.2. Managed Risk OperationsOversee vulnerability management services including scanning, assessment, and remediation tracking across client environmentsManage the delivery of Managed Risk services, such as: Vulnerability Assessment & Reporting, Risk Scoring & Prioritization, Patch Management Advisory, Continuous Attack Surface Monitoring, Ensure all risk-related deliverables meet client expectations and align with contractual SLAs, Correlate SOC findings with vulnerability and risk data to provide clients with holistic security insights.3. Client Relationship & ReportingAct as a key point of contact for clients for both SOC and Managed Risk servicesDeliver monthly and quarterly reports on incident trends, vulnerabilities, risk posture, and security improvement recommendationsConduct regular review meetings with clients (QBR – Quarterly Business Reviews)Work with sales and pre-sales teams to identify new opportunities for service expansion.4. Threat Intelligence & Risk CorrelationIntegrate threat intelligence feeds into both SOC detection and risk assessment workflowsUse analytics to correlate active threats with vulnerable assets to prioritize responseMaintain awareness of emerging threats, CVEs, and global cybersecurity trends that may affect clients.5. Quality, Governance, and ComplianceMaintain up-to-date documentation for SOC and Managed Risk processes (SOPs, SLAs, and Runbooks)Ensure compliance with international standards such as ISO 27001, ISO 20000, NIST CSF, and CIS ControlsSupport internal and client-facing security auditsImplement continuous improvement programs to enhance service quality and efficiency.6. People & Capability ManagementTrain and develop team members in both SOC and Risk Management disciplinesManage certifications and skill development plans for analysts and risk consultantsFoster a culture of proactive defense, collaboration, and innovation.Job Requirements:Bachelor’s / Master’s degree in Computer Science, Information Security, or related field in Cybersecurity Management, Risk Management, or IT Governance is an advantageExperience minimum 5–10 years of professional experience in cybersecurity, with at least 3 years in SOC management and 2+ years in risk or vulnerability managementProven experience managing multi-tenant environments within an MSSP or large enterpriseStrong understanding of: SIEM, SOAR, and EDR platforms, Vulnerability management tools (Tenable, Qualys, Rapid7, etc.), Risk frameworks and methodologies (ISO 27005, NIST RMF, FAIR)Strong leadership and team-building skills across multi-disciplinary teamsExcellent client communication and executive presentation abilityStrategic mindset with hands-on problem-solving skillsAble to prioritize and manage multiple client engagements simultaneously.High emotional intelligence and stakeholder management capabilityHold Certifications (Preferred):================Core Security:CompTIA Security+, CEH, or GCIHCISSP / CISM / CRISC (strongly preferred)GIAC (GCIA, GCFA, GRID)