Assistant SOC Manager

**About Lumen**

We’re looking for top-tier talent and offer the flexibility you need to thrive and deliver lasting impact. Join us as we digitally connect the world and shape the future.

**The Role**:
We are seeking a skilled and detail-oriented Assistant SOC Manager to support the operations of our multi-tenant Security Operations Center (SOC) within a Managed Security Services Provider (MSSP) environment. This role involves managing SOC analysts, ensuring adherence to SOC policies and procedures, maintaining operational excellence through metrics, and staying ahead of the evolving threat landscape to protect our clients.

**The Main Responsibilities**:
**SOC Operations & Team Managemen**
- Oversee day-to-day SOC operations across multiple client environments, ensuring timely detection, analysis, and response to security incidents.
- Supervise and mentor SOC analysts, fostering a culture of continuous improvement and technical excellence.
- Ensure 24/7 coverage and shift coordination, including handover procedures and escalation protocols.

**Policies, Procedures & Compliance**
- Assist in developing, maintaining, and enforcing SOC policies, standard operating procedures (SOPs), and incident response playbooks.
- Ensure SOC activities align with regulatory requirements and client-specific compliance frameworks (e.g., ISO 27001, GDPR, PDPA).
- Conduct periodic reviews and updates of SOC documentation to reflect changes in technology, threat landscape, and client needs.

**Operational Metrics & Reporting**
- Define and track key performance indicators (KPIs) and service level agreements (SLAs) for SOC operations.
- Generate and present operational dashboards and reports to internal stakeholders and clients, highlighting incident trends, response times, and SOC effectiveness.
- Identify areas for improvement based on metrics and drive initiatives to enhance SOC performance.

**Threat Intelligence & Landscape Awareness**
- Monitor global and regional threat intelligence feeds to stay informed of emerging threats, vulnerabilities, and attack techniques.
- Collaborate with threat intelligence teams to contextualize threats for MSSP clients and integrate findings into detection and response strategies.
- Support proactive threat hunting and red/blue team exercises to validate SOC readiness.

**Client Engagement & Service Delivery**
- Act as a technical point of contact for clients during incident investigations and post-incident reviews.
- Support onboarding of new clients, including log source integration, rule tuning, and documentation.
- Ensure consistent and high-quality service delivery across all client engagements.

**Education & Experience**:

- Bachelor’s degree in Cybersecurity, Computer Science, or related field.
- 5+ years of experience in cybersecurity, with at least 2 years in a SOC or MSSP environment.
- Experience in managing or mentoring technical teams and working in client-facing roles.

**Technical Skills**:

- Proficient in SIEM platforms (e.g., Splunk, QRadar, LogRhythm), EDR tools, and SOAR technologies.
- Strong understanding of network security, malware analysis, and incident response methodologies.
- Familiarity with multi-tenant environments and client-specific security requirements.
- Experience with scripting and automation (e.g., Python, PowerShell) is a plus.

**Soft Skills**:

- Strong leadership, communication, and interpersonal skills.
- Ability to manage multiple priorities and client expectations in a fast-paced environment.
- Excellent analytical and problem-solving abilities.
- Preferred Certifications:

- GIAC (e.g., GCIH, GCIA, GCFA), CEH, CISSP, or equivalen

**Compensation**:
**What to Expect Next**:
Requisition #: 339494

**Background Screening**

If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. For more information on these checks, please refer to the Post Offer section of our FAQ page. Job-related concerns identified during the background screening may disqualify you from the new position or your current role. Background results will be evaluated on a case-by-case basis.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

**Equal Employment Opportunities**

We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). We do not tolerate unlawful discrimination in any employment decisions, including recruiting, hiring, compensation, promotion, benefits, discipline, termination, job assi