SOC Supervisor

Role Summary

Duties And Responsibilities

SOC Operations Management

• Oversee daily SOC operations, ensuring continuous monitoring and timely response to security alerts.
• Supervise SOC Analysts (L1) and ensure adherence to SOPs and SLAs.
• Ensure optimal performance and availability of SIEM platforms (e.g., Wazuh or equivalent).

Incident Response & Management

• Act as the primary escalation point for security incidents.
• Lead incident response activities including identification, containment, eradication, and recovery.
• Perform root cause analysis (RCA) and ensure proper documentation of incidents.
• Coordinate with internal teams (NOC, IT, Network) during incident handling.

Threat Detection & Use Case Management

• Develop, implement, and optimize SIEM use cases and correlation rules.
• Analyze emerging threats and integrate threat intelligence into detection mechanisms.
• Continuously improve detection capabilities and reduce false positives.

Compliance & Governance

• Ensure SOC operations comply with organizational policies and regulatory requirements.
• Support audits by providing necessary reports, logs, and documentation.
• Maintain and enforce log retention, monitoring, and access control policies.

Reporting & Documentation

• Prepare and present incident reports, SOC performance reports, and risk assessments.
• Maintain SOC documentation including SOPs, playbooks, and escalation matrices.
• Provide management with actionable insights on security posture and risks.

Stakeholder Coordination

• Act as the point of contact for security incidents and escalations.
• Coordinate with external auditors, vendors, and regulatory bodies.
• Work closely with NOC and infrastructure teams for proactive threat mitigation.

Other Duties

• Lead security drills, tabletop exercises, and incident simulations.
• Support cybersecurity projects and initiatives.
• Provide training and guidance to SOC Analysts and relevant teams.

Job Specifications

• Bachelors’ degree in Cyber security, Computer Science or related field.
• 3–4 years of experience in IT/ Security and SOC/Incident response experience.
• Strong expertise in SIEM platforms.
• Deep understanding of network security, firewalls, IDS/IPS, VPNs.
• Hands-on experience with incident response and threat analysis.
• Knowledge of threat intelligence, vulnerability management, and log analysis.

Location