ICE Consulting - Managed IT Services
Security Operations Center (SOC) and Compliance Manager
ICE Consulting - Managed IT Services, Milpitas, California, United States, 95035
Job Summary:
We are seeking a highly skilled and experienced SOC & Compliance Manager to lead our Security Operations Center (SOC) and ensure compliance with relevant regulations, industry standards, and security frameworks. This role requires a blend of technical expertise, leadership abilities, and an understanding of compliance requirements to manage and improve our cybersecurity posture. The SOC & Compliance Manager will oversee incident response, threat monitoring, and security operations, and ensure adherence to regulatory and industry compliance standards.
Key Responsibilities:
SOC Management:
- Lead and manage a team of SOC analysts and engineers to ensure 24/7 monitoring, detection, and response to security incidents.
- Oversee the design, implementation, and continuous improvement of security monitoring tools and technologies (e.g., SIEM, IDS/IPS, firewalls, endpoint protection).
- Ensure timely and accurate triage, investigation, and response to security incidents.
- Develop, implement, and maintain incident response playbooks, procedures, and escalation processes.
- Provide leadership during major security incidents, including coordination with internal and external stakeholders.
- Regularly report on security incidents, trends, and overall SOC performance to senior management.

Compliance Management:
- Ensure compliance with regulatory requirements and industry standards such as ISO 27001, GDPR, HIPAA, PCI-DSS, SOC 2, and others as applicable.
- Develop, implement, and maintain security policies, procedures, and controls to meet compliance requirements.
- Conduct internal security audits and risk assessments, ensuring alignment with security frameworks and regulatory requirements.
- Coordinate with legal, HR, and other departments to address compliance and regulatory issues.
- Manage third-party security assessments, audits, and certifications.
- Stay up-to-date with evolving regulations, compliance requirements, and security best practices.

Collaboration & Communication:
- Act as a liaison between the SOC team and business units to align security operations with organizational goals.
- Work closely with IT, DevOps, and other departments to ensure security is integrated into the organization's technology and business processes.
- Provide training and awareness programs to staff on security policies and compliance.

Requirements
Required Skills and Qualifications:
- Bachelor's Degree in Information Security, Computer Science, or related field (or equivalent work experience).
- Experience: 7-10 years in cybersecurity, with at least 3-5 years in a SOC leadership role and experience managing compliance programs.
- Certifications (Preferred):
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Security Manager (CISM)
  - Certified Information Systems Auditor (CISA)
  - Certified in Risk and Information Systems Control (CRISC)
  - GIAC Certified Incident Handler (GCIH)

Technical Expertise:
- Deep understanding of SOC operations, including incident detection, response, and remediation.
- Experience working with security tools such as SIEM, IDS/IPS, firewalls, vulnerability management systems, and endpoint protection platforms.
- Knowledge of common cybersecurity frameworks such as NIST, ISO 27001, COBIT, and familiarity with laws like GDPR, CCPA, HIPAA.
- Familiarity with cloud security (AWS, Azure, GCP) and securing hybrid environments.
- Experience with automation and orchestration tools (e.g., SOAR platforms) is a plus.

Compliance & Governance:
- Proven experience in ensuring compliance with security standards and regulations (e.g., ISO 27001, PCI-DSS, SOC 2, GDPR, HIPAA).
- Ability to develop, implement, and manage security policies and procedures aligned with regulatory frameworks.
- Experience with internal and external audits, risk assessments, and regulatory reporting.

Leadership & Soft Skills:
- Strong leadership and management skills, with the ability to mentor and lead a high-performing SOC team.
- Excellent written and verbal communication skills for interacting with senior leadership and regulatory authorities.
- Strong organizational and project management skills to handle multiple compliance initiatives simultaneously.
- Ability to work under pressure and manage security incidents in a fast-paced environment.
- Analytical and problem-solving skills to assess security risks and recommend solutions.