Security Operations Manager
Cherry Bekaert
Job Description
We’re seeking an experienced SOC Manager to lead a 24/7 Security Operations Center, partnering with Expel MDR to drive real-time threat detection, incident response, and security monitoring across a Microsoft E5/E7 environment. This role owns end-to-end SOC operations (overseeing Microsoft Sentinel, Defender XDR, Zscaler, and Proofpoint) and ensures effective triage, escalation, and response workflows. You’ll act as the primary escalation point for critical incidents, coordinating cross-functional responses with IT, legal, and business stakeholders.
Reporting to the CISO, you’ll drive SOC excellence by managing performance metrics (MTTD, MTTR, SLA adherence), advancing detection engineering, and continuously improving the firm’s security posture.
Key Responsibilities
- Lead and optimize 24/7 SOC operations, including staffing, escalation, and response models
- Manage and strengthen the Expel MDR partnership and service delivery outcomes
- Oversee incident response across Defender XDR and Sentinel, including automation (SOAR) and analytics
- Drive detection engineering, reduce false positives, and enhance threat coverage
- Own SOC metrics, reporting, and post-incident reviews for leadership visibility
- Lead response for Severity 1 and 2 incidents and coordinate enterprise-wide remediation
- Ensure alignment with the NIST IR framework, compliance (SOC 2, etc.), and audit readiness
- Mentor SOC analysts and build a high-performing security operations team
Ideal Candidate
- 10+ years in security operations, with SOC leadership experience
- Strong hands-on expertise in Microsoft Sentinel, Defender XDR, and MDR operations
- Experience with Zscaler, Proofpoint, and threat intelligence frameworks (MITRE ATT&CK)
- Proven ability to lead incident response, stakeholder communication, and team development
- Background in professional/regulated environments preferred