Senior Manager; SOC

SENIOR MANAGER SOC Salary: Competitive and based on experienceLocation: Hong Kong Keywords: collaborative, inclusive, supportive leadership, mentoring, resilient technological environment, compliance, interpersonal skills, knowledgeable team, growth leadership, flexible working opportunities About the organization A leading organisation in Hong Kong is seeking a Senior Technical Manager to oversee its Security Operations Centre (SOC) within a highly collaborative and inclusive IT division. This role offers the opportunity to work alongside over 1,500 professionals from diverse backgrounds, fostering an environment where your unique strengths and perspectives are valued. As part of a knowledgeable and supportive team, you will play a pivotal role in safeguarding critical information assets and ensuring operational resilience for one of the region's most respected institutions. The position promises exposure to cutting‑edge cybersecurity practices, generous training opportunities, and the chance to mentor future leaders in the field. Flexible working arrangements and a commitment to professional growth make this an exceptional opportunity for those passionate about making a meaningful impact in cyber defence. What you’ll do Lead advanced analysis of complex cybersecurity events and incidents, providing actionable remediation steps that ensure rapid containment and recovery. Drive threat intelligence‑led threat hunting activities to proactively detect malicious activity, emerging tactics, and vulnerabilities across the organisation's technology landscape. Oversee and maintain 24/7 Security Operations Centre processes with both internal teams and external service providers, including monitoring, alert triage, escalation procedures, and continuous improvement initiatives. Direct end‑to‑end investigations of major security incidents, ensuring minimal operational impact while documenting findings thoroughly for future reference. Perform deep root cause analysis on security breaches and recommend robust corrective as well as preventive actions to strengthen defences. Develop, update, and optimise SOC processes, incident playbooks, and response plans based on evolving threats and industry best practices. Advise security defence engineering teams on detection logic enhancements, control coverage gaps, and improvements to existing security controls. Coordinate incident response efforts with cross‑functional teams including internal stakeholders and external partners to ensure effective resolution. Manage and verify security alerts and incidents by ensuring proper classification, prioritisation, escalation protocols are followed at all times. Lead remediation efforts during incidents to guarantee effective containment, eradication of threats, and full recovery of affected systems. Leverage both internal and external threat intelligence sources to strengthen detection capabilities within SOC monitoring frameworks. Mentor SOC analysts and incident responders by promoting a high‑performance security culture focused on continuous learning. Ensure compliance with industry standards as well as organisational security policies through regular audits and reviews. What you bring Your proven experience as Senior Technical Manager Security Operations Centre will include substantial leadership within high‑stakes incident response settings where your ability to guide teams through complex investigations has been demonstrated repeatedly. You bring not only technical proficiency but also interpersonal sensitivity‑enabling you to mentor junior staff effectively while collaborating across departments during critical events. Your familiarity with industry‑standard frameworks ensures that your approach remains compliant yet adaptable amid changing regulations. You have developed comprehensive playbooks tailored to specific threats; your analytical skills allow you to translate root cause findings into actionable strategies that prevent recurrence. With hands‑on expertise using modern monitoring tools like SIEM or SOAR platforms—and an understanding of adversary behaviour models—you are equipped to close control gaps efficiently. Your capacity for clear communication means executive stakeholders receive timely updates without unnecessary jargon. Above all else, your commitment to nurturing talent within the SOC team sets you apart as someone who values communal success over individual achievement. Qualifications Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Systems, Application Development, Networking or related discipline is required. Certification in good standing for one or more recognised credentials such as CISSP, GIAC GCFA, GIAC GCIH, GIAC GSOC, GCTI, or CTIA would be advantageous. At least ten years' experience in IT/security roles with significant leadership responsibility in incident response environments is essential. Extensive hands‑on experience managing cyber security incident responses across diverse attack scenarios including advanced persistent threats is expected. Proven track record in overseeing Security Operations Centre BAU processes while optimising workflows for efficiency is highly desirable. Strong background in threat intelligence‑driven threat hunting including proactive detection/investigation of advanced threats is necessary. Deep familiarity with incident response frameworks such as NIST or SANS along with practical application of their methodologies is required. Experience developing/maintaining/executing incident response plans/playbooks tailored to evolving threat landscapes is important. Expertise conducting root cause analysis for security incidents translating findings into actionable preventive measures is sought after. Skilled at creating/refining/maintaining SOC process documentation plus operational runbooks for consistent execution is needed. Demonstrated capability coordinating major incident investigations under high‑pressure conditions involving multiple stakeholders is valuable. Solid understanding of SIEM/SOAR/UEBA/EDR/XDR tools used for monitoring/incident handling within enterprise environments is preferred. Knowledge of MITRE ATT&CK, Cyber Kill Chain, and adversary behaviour models relevant for detection engineering is beneficial. Ability to identify/analyse/close security control coverage gaps through technical troubleshooting across network/endpoint/application/cloud environments is required. Experience coordinating cross‑functional teams during investigations/remediation efforts ensures successful outcomes. Proficiency integrating threat intelligence sources/enrichment into SOC monitoring operations enhances overall effectiveness. Familiarity with regulatory compliance requirements/industry standards/audit processes affecting incident response/SOC operations supports governance objectives. History mentoring/guiding technically enabling SOC analysts/incident responders fosters team growth leadership culture. Ability translating complex technical information into concise updates suitable for executives/stakeholders demonstrates strong communication skills. Experience conducting post‑incident reviews/lessons‑learned processes improves organisational security posture. What sets this company apart This organisation stands out due to its unwavering commitment to diversity, inclusion, and professional development within its IT division—a community comprising over 1,500 professionals from around the globe. Here you'll find an environment where every voice matters; collaboration isn't just encouraged but celebrated as the foundation for innovation. The company invests heavily in training opportunities so employees can continually expand their skillsets while benefiting from flexible working arrangements designed around personal needs. Supportive leadership ensures that everyone feels empowered regardless of background or experience level; knowledge sharing is embedded into daily practice so that collective growth becomes second nature. The focus on operational resilience means your contributions directly impact business continuity—making your work both meaningful and rewarding. Next Steps If you are ready to take your career in cybersecurity leadership to new heights within an inclusive team environment dedicated to excellence—apply now #J-18808-Ljbffr