Job description
We're fast learners, hard workers, natural collaborators... and we Make Modern Happen!
Our ambition is to unlock the potential of our digital world so that organisations everywhere can innovate and thrive securely. We aim to achieve this goal by bringing together the world’s most talented people and the most powerful technologies, combining them to address our customers' challenges and to build something stronger together.
If you share our vision, join us!
Right now, we are looking for a SOC Manager to join our internal team.
Your responsibilities include:
- Leading the SOC as a Service (SOCaaS) delivery, ensuring alignment with client expectations, internal objectives, and cybersecurity best practices.
- Managing internal teams through their respective Team Leaders, providing strategic direction and oversight.
- Ensuring service quality and performance by monitoring incident trends, verifying SLA/KPI compliance, and driving continuous process improvements, with a strong focus on automation, efficiency, and operational maturity.
- Coordinating Digital Forensics and Incident Response (DFIR) activities, ensuring effective investigation and resolution of security incidents.
- Driving automation, integration, and orchestration across cybersecurity platforms to improve response times and operational efficiency.
- Ensuring the evolution of the detection engineering function, including the design and implementation of detection use cases, tuning of alerts, and alignment with threat intelligence and client-specific risk profiles.
- Acting as the key point of contact for internal and external stakeholders regarding SOC services, delivering clear and concise reporting and presentations on SOC performance, incident trends, and improvement plans.
- Facilitating alignment between business and operational teams, ensuring cybersecurity initiatives support business needs and operational execution.
- Collaborating with team leads on resource planning, skills development, and career growth.
- Supporting the strategic evolution of the SOCaaS offering, including client onboarding, platform enhancements, and defining the roadmap for technology, process, and operational improvements across cybersecurity operations.
You must have:
- A Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field.
- At least 4 years of experience in cybersecurity, including 2 or more years in leadership or management roles.
- Hands-on experience in SOC environments and familiarity with MSSP or MDR service delivery models.
- A solid understanding of SOC technologies and concepts, including SIEM, SOAR, EDR, threat detection, and incident response.
- Practical knowledge of tools such as Microsoft Sentinel and Palo Alto Cortex XSOAR.
- Familiarity with frameworks such as MITRE ATT&CK, NIST, ISO 27001, NIS2, DORA, etc.
- Strong leadership and communication skills, with the ability to manage through Team Leaders and coordinate across diverse technical and customer-facing teams.
- Proven ability to prioritize and manage competing demands in a fast-paced, dynamic environment.
We value:
- Experience working in SOC-as-a-Service or multi-tenant MSSP environments.
- A strategic, service-oriented mindset that balances operational effectiveness with long-term capability growth.
- A continuous improvement approach, particularly in the areas of automation, detection engineering, and SOC process maturity.
- Familiarity with tools such as CrowdStrike, SentinelOne, and Microsoft Defender for Endpoint.
- A genuine interest in developing talent, fostering a strong team culture, and supporting Team Leaders in their growth and effectiveness.
- Passion for cybersecurity and staying current with emerging threats, technologies, and industry practices.
- Relevant certifications, such as:
  - Microsoft Certified: SC-100 Cybersecurity Architect Expert
  - Microsoft Certified: SC-200 Security Operations Analyst Associate
  - Palo Alto Networks Certified Cybersecurity Associate (PCCSA)
  - GCIH (GIAC Certified Incident Handler)
  - GSOC (GIAC Security Operations Certified)
  - GCIA (GIAC Certified Intrusion Analyst)
  - GCED (GIAC Certified Enterprise Defender)
  - MITRE ATT&CK Defender
We offer:
- Regular professional development;
- Health insurance, with family package;
- Office facilities for meals and snacks;
- Regular teambuilding programs;
- Friendly workplace.
Workplace: Lisboa or Porto
Make modern happen!