SOC Manager - Banking (m/f/d)

Manager – Security Operations Center (SOC)

A leading banking organisation is seeking an experienced and decisive Manager to lead its Security Operations Center (SOC). The successful candidate will be responsible for ensuring continuous monitoring, detection, analysis, and response to cybersecurity threats across on-premise, cloud, and hybrid environments. Reporting directly to the Head of Cyber Defense / CISO, this is a senior leadership role requiring deep technical expertise combined with strong people management and stakeholder engagement capability.

Responsibilities:

• Lead and oversee 24x7 SOC operations, ensuring effective monitoring and timely response to security events across the organisation.
• Own the end-to-end incident response lifecycle, covering detection, containment, eradication, recovery, and post-incident review.
• Act as the primary escalation point for high-severity (P1/P2) cybersecurity incidents, ensuring resolution within defined SLAs, playbooks, and escalation frameworks.
• Ensure optimal configuration, tuning, and operational effectiveness of security tools including SIEM, SOAR, EDR/XDR, NDR, and UEBA.
• Oversee the development and continuous enhancement of use cases, detection rules, and alert correlation logic.
• Lead proactive threat hunting and continuous monitoring activities aligned with the evolving threat landscape and MITRE ATT&CK framework.
• Ensure SOC operations comply with CBUAE Cyber Risk Management regulations, NIST, ISO 27001, and ADCB Information Security policies and standards.
• Support internal audits, regulatory examinations, and compliance reviews, maintaining up-to-date SOC documentation including SOPs, runbooks, incident reports, and dashboards.
• Lead, coach, and develop SOC analysts and incident responders across L1, L2, and L3 tiers, defining shift rosters, skill matrices, training plans, and performance objectives.
• Drive continuous capability uplift through training programmes, simulations, tabletop exercises, and lessons learned sessions.
• Manage SOC vendors, MSSPs, and technology partners, monitoring performance against contractual SLAs and KPIs, and coordinating vendor involvement during incidents and forensic activities.
• Provide regular SOC operational and risk reports to senior management covering incident trends, SLA compliance, and threat landscape overviews.
• Brief senior stakeholders during major incidents and crisis situations, collaborating closely with IT Infrastructure, Cloud, GRC, and Business teams.

Qualifications and Skills:

• Minimum 10 years of experience in cybersecurity, with at least 5 years in a SOC or Incident Response leadership role.
• Bachelor's degree in Information Security, Computer Science, Information Technology, or a related discipline.
• Strong experience operating SOC functions within a banking or regulated environment.
• Deep knowledge of SIEM, SOAR, EDR/XDR, NDR, UEBA, and threat intelligence platforms.
• Strong understanding of cyber threats, malware, ransomware, and Advanced Persistent Threats (APTs).
• Hands-on experience with incident handling, digital forensics, and log analysis.
• Familiarity with MITRE ATT&CK, threat intelligence frameworks, and industry best practices.
• Strong analytical, decision-making, and crisis management skills with the ability to lead effectively under pressure.
• Clear communicator with the ability to brief and influence senior stakeholders during high-pressure situations.
• CISSP, CISM, or GIAC certifications (GCIH, GCED, GCIA) are preferred; cloud security certifications (AWS/Azure Security) are an advantage.

Halian Group: With over 28 years of experience, we have come to understand that innovation is the only way to provide agile, practical solutions that transform businesses and careers. Our resourcing and smart services help you to realize tomorrow's potential. Discover the amazing things possible when you bring the right people and the right technologies together.

At Halian, we recognize that diversity, equity, and inclusion (DEI) are essential to building high-performing teams for our clients. We are committed to connecting organizations with top talent from all backgrounds, ensuring that every individual feels valued, respected, and empowered to contribute their unique perspectives. We encourage applications from all qualified candidates, regardless of race, gender, disability, or any other characteristic that makes them unique. By fostering diverse and inclusive workplaces, we help our clients drive innovation, enhance collaboration, and better reflect the communities they serve.

#LI-CC1