Security Operations Center (SOC) and Compliance Manager

Job Summary:

We are seeking a highly skilled and experienced SOC & Compliance Manager to lead our Security Operations Center (SOC) and ensure compliance with relevant regulations, industry standards, and security frameworks. This role requires a blend of technical expertise, leadership abilities, and an understanding of compliance requirements to manage and improve our cybersecurity posture. The SOC & Compliance Manager will oversee incident response, threat monitoring, security operations, and ensure adherence to regulatory and industry compliance standards.

Key Responsibilities:

SOC Management:

• Lead and manage a team of SOC analysts and engineers to ensure 24/7 monitoring, detection, and response to security incidents
• Oversee the design, implementation, and continuous improvement of security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls, endpoint protection)
• Ensure timely and accurate triage, investigation, and response to security incidents
• Develop, implement, and maintain incident response playbooks, procedures, and escalation processes
• Provide leadership during major security incidents, including coordination with internal and external stakeholders
• Regularly report on security incidents, trends, and overall SOC performance to senior management
  
  
  

Compliance Management:

• Ensure compliance with regulatory requirements and industry standards such as ISO 27001, GDPR, HIPAA, PCI-DSS, SOC 2, and others as applicable
• Develop, implement, and maintain security policies, procedures, and controls to meet compliance requirements
• Conduct internal security audits and risk assessments, ensuring alignment with security frameworks and regulatory requirements
• Coordinate with legal, HR, and other departments to address compliance and regulatory issues
• Manage third-party security assessments, audits, and certifications
• Stay up-to-date with evolving regulations, compliance requirements, and security best practices
  
  
  

Collaboration & Communication:

• Act as a liaison between the SOC team and business units to align security operations with organizational goals
• Work closely with IT, DevOps, and other departments to ensure security is integrated into the organization's technology and business processes
• Provide training and awareness programs to staff on security policies and compliance
  
  
  

Requirements

Required Skills and Qualifications:

• Bachelor's Degree in Information Security, Computer Science, or related field (or equivalent work experience)
• Experience: 7-10 years in cybersecurity, with at least 3-5 years in a SOC leadership role and experience managing compliance programs
• Certifications (Preferred):
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• GIAC Certified Incident Handler (GCIH)
  
  

Technical Expertise:

• Deep understanding of SOC operations, including incident detection, response, and remediation
• Experience working with security tools such as SIEM, IDS/IPS, firewalls, vulnerability management systems, and endpoint protection platforms
• Knowledge of common cybersecurity frameworks such as NIST, ISO 27001, COBIT, and familiarity with laws like GDPR, CCPA, HIPAA
• Familiarity with cloud security (AWS, Azure, GCP) and securing hybrid environments
• Experience with automation and orchestration tools (e.g., SOAR platforms) is a plus
  
  
  

Compliance & Governance:

• Proven experience in ensuring compliance with security standards and regulations (e.g., ISO 27001, PCI-DSS, SOC 2, GDPR, HIPAA)
• Ability to develop, implement, and manage security policies and procedures aligned with regulatory frameworks
• Experience with internal and external audits, risk assessments, and regulatory reporting
  
  
  

Leadership & Soft Skills:

• Strong leadership and management skills, with the ability to mentor and lead a high-performing SOC team
• Excellent written and verbal communication skills for interacting with senior leadership and regulatory authorities
• Strong organizational and project management skills to handle multiple compliance initiatives simultaneously
• Ability to work under pressure and manage security incidents in a fast-paced environment
• Analytical and problem-solving skills to assess security risks and recommend solutions