Manager - Security Operations Center

Roles and Responsibilities

1. Lead Security Operations across Ola Group, ensuring consistent standards of threat detection and incident response in adherence to Ola's Information Security policies.
2. Build, manage, and develop a high-performing team of SOC engineers, with accountability for their performance management, career development, and operational readiness.
3. Set and enforce standards for detection quality and incident response; investigate SLA breaches to identify systemic causes and drive resolution through process, tooling, or capability changes.
4. Define and execute the SOC detection strategy, aligned to the evolving threat landscape across Ola Group's entities; identify and address coverage gaps through structured detection engineering and threat hunting programs.
5. Drive adoption of LLM-based agents, AI-driven workflows, and automation frameworks to strengthen detection and incident response capabilities across the SOC.
6. Represent Security Operations to senior leadership and the CISO; communicate risk posture, operational performance, and investment priorities with clarity and evidence.
7. Collaborate with Engineering, DevOps, IT, Legal, and Product to improve logging coverage, detection capabilities, and the organization's overall security posture.
8. Own the SOC maturity roadmap; identify capability and process gaps, build structured improvement plans, and drive execution, including purple team exercises and analyst development programs.
9. Build and govern a threat intelligence program that delivers timely, evidence-based briefings to stakeholders and ensures intelligence is applied to improve detection and response.

Experience & Skills

1. 7–10 years of experience in Security Operations, with at least 2 years in a people-management role leading a SOC, Vulnerability Management, or Red Team function.
2. Proven record of building and managing high-performing security teams; experienced in hiring, performance management, and people development in fast-paced, high-growth environments.
3. Strong practitioner background in security operations — hands-on depth in SIEM, XDR, SOAR, forensic investigation, and incident response sufficient to set quality standards and evaluate technical decisions independently.
4. Strong understanding of the MITRE ATT&CK Framework, adversary tools, techniques, and procedures, and their direct application to detection engineering and threat hunting.
5. Experience leading AI and automation adoption in a security operations context; working knowledge of LLMs, AI agents, agentic workflows, prompt engineering, MCP, RAG, and agent orchestration frameworks applied to SOC use cases.
6. Demonstrated ability to engage effectively at both the operational and strategic levels — maintaining technical credibility with the team while articulating risk posture and investment decisions to senior leadership.
7. Strong written and verbal communication skills; proficient in translating complex security findings into clear, actionable insights for technical and non-technical audiences, including senior leadership.
8. Hands-on experience with cloud security operations across AWS and/or GCP; proficiency in Python for automation, detection development, and operational tooling.
9. Availability for on-call response in the event of critical security incidents.
10. Bachelor's degree in a related field or equivalent demonstrated experience and knowledge..