Description

We are establishing a lean, cloud-hosted, open-source Security Operations Center (SOC) designed to be revenue-generating, SOC2-aligned, and cost-efficient, following globally recognized standards.

The Security Operations & Offensive Security Manager will lead the end-to-end setup, operation, and commercialization of the SOC platform, while driving penetration testing and advanced security assessment services.

This is a hands-on leadership role responsible for SOC architecture oversight, threat detection maturity, offensive security capability, team management, and service revenue growth.

Job Responsibilities

1. SOC Strategy & Implementation

  • Design, deploy, and operationalize an on-prem or cloud-hosted open-source SOC stack (e.g., Wazuh, OpenSearch, TheHive, Cortex, automation tools).
  • Ensure SOC architecture is secure, scalable, cost-optimized, and aligned with SOC2 controls.
  • Establish log onboarding strategy, detection use cases, alert tuning, and incident response workflows.
  • Develop SOC runbooks, SLAs, reporting dashboards, and a governance framework.

2. SOC Operations & Team Leadership

  • Lead and supervise SOC Analysts (L1/L2) and Platform Engineers.
  • Oversee 24/7 monitoring readiness, incident triage, escalation, and response management.
  • Improve detection engineering, threat intelligence integration (e.g., MISP), and automation maturity.
  • Ensure measurable KPIs (MTTD, MTTR, false-positive ratio, SLA adherence).

3. Penetration Testing & Security Assessments

  • Lead and execute web application penetration testing (OWASP Top 10 focused).
  • Conduct manual exploitation using Burp Suite, OWASP ZAP, and custom payload techniques.
  • Assess HTTP/HTTPS, APIs, authentication mechanisms, session management, and cloud exposures.
  • Translate vulnerabilities into clear business risk impact and executive-ready reports.
  • Drive security assessments across infrastructure, AD, cloud, and network environments.

4. Revenue & Service Development

  • Package SOC/MDR as a subscription-based service.
  • Support pre-sales discussions, technical proposals, and client onboarding.
  • Contribute to the cybersecurity service roadmap (SOC2 readiness, ISO 27001 support, cloud attack simulation).
  • Ensure delivery quality that supports recurring revenue and client retention.

5. Governance & Compliance Alignment

  • Align SOC processes with SOC2 requirements and internal assurance goals.
  • Maintain documentation, audit readiness, and reporting structure.
  • Support risk assessments and policy development initiatives.

Required Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
  • 4+ years of experience in SOC, cybersecurity operations, or offensive security.
  • Proven experience building or managing a SOC environment.
  • Strong hands-on expertise with SIEM/EDR platforms (Wazuh preferred).
  • Experience with log analysis, detection engineering, and incident response.
  • Strong penetration testing capability (web & API focused).
  • Deep understanding of OWASP Top 10, MITRE ATT&CK, and modern attack vectors.
  • Experience with cloud security (AWS/Azure/GCP).

Life at Brain Station 23