Senior Associate (Manager, Security Ops Centre)

---

Senior Associate (Manager, Security Ops Centre)

 

Our Security Operations Centre is a critical part of our Cyber Security division’s success. 

As a Senior Associate (SOC Manager), you will deploy your cybersecurity expertise in a senior delivery role across our managed detection and response services. 

In this role, you will oversee the day-to-day operations of the SOC, manage and develop a team of analysts, and ensure our clients’ security posture is maintained at the highest level. The SOC Manager is responsible for developing the SOC as a team, continuous improvement of processes, coordinating the shift, acting as an escalation point for high-priority, complex security incidents, and continuously optimising performance. This is a hybrid role, requiring a mix of remote work and in-office leadership.

Delivery

• SOC Leadership: Manage the overall operations of the SOC, including staffing, training, and performance management of SOC analysts at all levels.

• Incident Management: Act as an escalation point and oversee the response to significant and/or complex security incidents, providing guidance to analysts and ensuring incidents are handled in a timely, efficient manner.

• Reporting and Metrics: Develop and deliver regular reports on SOC performance, incidents, and security metrics to clients and senior leadership, including trend analysis and recommendations for improvement.

• Line Management: Take responsibility for day-to-day line management of the SOC team, including performance appraisals, professional development, and ensuring that team members have the support and resources necessary to excel in their roles.

• Toolset Management: Working with SOC engineering, ensure that security tools (e.g., EDR, XDR and SIEM) are optimally configured, updated, and aligned with industry best practices.

• Resource Management: Manage SOC resources, ensuring the allocation of resources for technology, staffing, and training to meet the needs of the organisation.

• Risk Management: Collaborate with senior leadership and risk management teams to align SOC operations with S-RM’s corporate risk management framework and security policies.

• Participation in an OOH On-Call Rota: 1 week in every 4.

Growth of the team

• Capability Development: Contribute to and implement the SOC roadmap to continuously improve security monitoring, incident detection, response, and threat hunting capabilities.

• Process Optimisation: Enhance SOC processes, workflows, and incident response protocols to ensure increasingly efficient and effective operations.

• Technology Management: Work with our technical team on security technology roadmap and with vendors to assess new tools, manage existing tools, and stay up to date on the latest capabilities.

• Training and Mentoring Staff: Lead on delivering training and mentoring schemes to enhance the technical and professional skills of your team members. Create a supportive learning environment that encourages continuous improvement and knowledge sharing. Provide regular feedback, guidance, and career development opportunities to nurture talent within the team.

• Collaborating with Global Teams: Work closely with other S-RM cybersecurity teams to ensure seamless integration of SOC operations with our broader cybersecurity initiatives and business units especially Incident Response.

• Contributing to Internal Technical Development Initiatives: When the schedule allows, you will have opportunities to participate in and contribute to internal technical development initiatives, enhancing our tools, processes, and overall incident response capabilities.

What we're looking for

Candidates with the following qualifications and experience are likely to succeed in our Managed Services practice at S-RM. 

That said, if you don’t think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box—we’re looking for candidates that are particularly strong in a few areas 
and have some interest and capabilities in others.

We nurture a culture of equality, diversity and inclusion and we are dedicated to developing a workforce that displays a variety of talents, experiences and perspectives.

We’re looking for:

• Qualifications: We are looking for experience first and foremost; academic qualifications are not 
  essential to this role but you may well have a Bachelor’s or Master’s qualification in a relevant subject, for example, Information’s Systems or Computer Science. Holding any of the following is also beneficial:CISSP, CISM, GREM, CCNA, OSCP, Network+ and Security+
• Experience: 5+ years of experience in security operations, with at least 2 years in a junior leadership or management role, eg senior analyst, team leader.
• Approach: An investigative mindset. You should be comfortable solving problems with limited information and guidance.
• Strategic Thinking: Ability to contribute to and implement a long-term SOC roadmap that aligns with 
  our business goals and emerging cybersecurity trends.
• Technical Expertise: Experience with EDR and SIEM platforms, including management and 
  configuration of these tools.
• Incident Response: Expertise in managing and leading incident response efforts, including 
  coordination with external stakeholders.
• Threat intelligence: Some demonstrable knowledge of cyber threat actors, and their tactics, 
  techniques, and procedures. 
• Communication: Clear and concise communication skills, with the ability to work effectively across teams; you should be able to communicate technical findings for a non-technical audience in a professional setting.

The successful candidate must have permission to work in South Africa by the start of their employment.

To apply for this role, please submit an up-to-date CV through this link: Job Application for Senior Associate (Manager, Security Ops Centre) at S-RM (greenhouse.io)