Deputy General Manager - Cybersecurity Operations

Role Summary

Experienced SOC Operations Lead responsible for managing 24x7 MSSP SOC services, ensuring effective threat detection, incident response, and service delivery across multiple customer environments. Provides technical leadership, operational governance, and customer assurance while continuously improving SOC capabilities, processes, and security posture.

Key Responsibilities

SOC Operations & Service Delivery

• Lead end-to-end SOC operations supporting multiple MSSP customers.

• Ensure timely detection, analysis, escalation, and response to security incidents.

• Manage SOC SLAs, KPIs, and operational performance metrics (MTTD, MTTR, SLA adherence).

• Act as senior escalation point for critical and high-severity incidents.

Customer & Stakeholder Management

• Serve as primary security operations interface for MSSP customers.

• Provide executive incident briefings, service reviews, and operational reports.

• Build customer confidence through effective communication and service assurance.

Incident Response & Threat Management

• Lead incident investigation, containment, and root cause analysis.

• Oversee threat hunting, malware analysis, and threat intelligence integration.

• Ensure proactive detection and response aligned with evolving threat landscape.

SOC Leadership & Team Management

• Lead, mentor, and develop Tier 1, Tier 2, and Tier 3 SOC teams.

• Manage shift coverage, escalation matrix, and operational readiness.

• Drive skill development and continuous improvement of SOC analysts.

Technology & Process Optimization

• Manage and optimize SIEM, EDR, SOAR, and threat intelligence platforms.

• Improve detection use cases, playbooks, and automation.

• Enhance SOC maturity aligned with industry frameworks (MITRE ATT&CK, NIST, ISO 27001).

Governance, Compliance & Reporting

• Ensure compliance with customer, regulatory, and audit requirements.

• Provide SOC dashboards, incident trends, and executive reports.

• Support audits, risk assessments, and security posture improvements.

Required Skills & Experience

• 15+ years of cybersecurity experience with strong SOC operations leadership.

• Extensive MSSP SOC operations and multi-customer environment experience.

• Strong expertise in SIEM (Splunk, QRadar, Sentinel), EDR/XDR, SOAR platforms.

• Proven experience managing critical incident response and customer escalations.

• Strong leadership, stakeholder management, and executive communication skills.

• Experience in banking, telecom, or enterprise SOC environments preferred.

Preferred Certifications

• CISSP, CISM, or GIAC certifications

• SIEM platform certifications (Splunk, Sentinel, QRadar)

• ISO 27001 Lead Implementer / Lead Auditor

Required Skills & Competencies

Experience of managing MSSP SOC operations 10+ years with 50+ team members delivering services to Global customers

Technical Skills

• Strong knowledge of:

  • SIEM platforms

  • EDR/XDR tools

  • Threat intelligence platforms

  • Incident response and digital forensics

• Knowledge of:

  • Network security

  • Endpoint security

  • Cloud security (AWS, Azure, GCP)

  • Malware analysis basics

• Understanding of:

  • MITRE ATT&CK Framework

  • Cyber kill chain

  • Threat actor TTPs