Security Operations Center (SOC) Manager

The role

Nebius is looking for a an experienced SOC Manager to join the Cyber Security organization, reporting to the Head of Detection & Response under the CISO

.This role is responsible for leading the organization’s Security Operations Center (SOC), overseeing 24/7 monitoring, detection, and response activities across cloud, infrastructure, SaaS, and enterprise environments

.The ideal candidate is both operationally strong and strategically minded, with hands-on experience in security operations, incident response, and team leadership. You will drive continuous improvement of detection and response capabilities while ensuring effective collaboration with Security, DevOps, Infrastructure, and Engineering teams

.You’re welcome to work in our offices in Tel Aviv

.
Your responsibilities will includ

e:
SOC Operations Leaders

• hipLead and manage day-to-day SOC operations, including monitoring, detection, triage, and incident respon
• se.Oversee security alerts and incidents across SIEM, EDR/XDR, cloud security, and other detection platfor
• ms.Ensure timely and effective response to security incidents in accordance with defined SLAs and severity leve
• ls.Manage SOC analysts (internal or external), including task prioritization, shift coverage, performance, and professional developme

nt.Incident Response & Handl

• ingOwn the full incident response lifecycle: detection, analysis, containment, eradication, and recove
• ry.Act as the primary escalation point for complex or high-severity security inciden
• ts.Coordinate cross-functional response efforts with Security, IT, DevOps, Infrastructure, and Engineering tea
• ms.Ensure proper documentation, incident tracking, and execution of post-incident reviews (lessons learne

d).Detection, Monitoring & Improvem

• entContinuously improve detection capabilities, including development and tuning of use cases and alerting rul
• es.Reduce false positives while increasing detection coverage, accuracy, and operational efficien
• cy.Drive onboarding of new log sources and security telemetry into SIEM and monitoring platfor
• ms.Promote automation and orchestration (SOAR) to improve response times and reduce manual effo

rt.Governance, KPIs & Report

• ingDefine, track, and report on SOC KPIs such as MTTD, MTTR, alert volumes, and incident tren
• ds.Build and maintain dashboards and executive-level reporting for the CISO and senior leadersh
• ip.Develop and maintain SOC playbooks, runbooks, and standard operating procedur
• es.Support audits, compliance activities, and alignment with security frameworks and polici

es.
We expect you to h

• ave:
  5+ years of experience in cyber security operations, SOC, or incident response r
• oles.2+ years of experience managing or leading SOC teams (internal or M
• SSP).Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR/XDR t
• ools.Strong understanding of incident response processes and security operations workf
• lows.Experience working in cloud environments (AWS, GCP, Azure) and modern infrastruc
• ture.Strong analytical and problem-solving skills with high attention to de
• tail.Experience working cross-functionally with Security, DevOps, IT, and Engineering t

eams.
It will be an added bonus if you

• have:
  Experience building or scaling SOC capabilities in a growing organi
• zation.Familiarity with SOAR platforms and security auto
• mation.Knowledge of threat intelligence and threat hunting methodo
• logies.Experience working within a CISO organization or Securi
• ty PMO.Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST,
• etc.).Background in SaaS, cloud-native environments, or large-scale enterprise s
• ystems.BSc in Computer Science, Information Security, or a related