Job Description
As a SOC Manager at Accenture, you will be a senior-level cybersecurity leader responsible for the end-to-end management of our Security Operations Center (SOC). You will lead a team of security analysts and engineers to ensure the 24/7 effectiveness of threat monitoring, detection, and incident response operations. This role requires a blend of technical expertise, strategic vision, and operational excellence to defend our clients digital assets against evolving cyber threats.
You will act as the primary point of contact for security incidents and operational reporting, working closely with client stakeholders, global security teams, and executive leadership to drive continuous improvement in security posture.
Key Responsibilities:
Operational Leadership: Manage the day-to-day operations of the SOC, ensuring 24/7 coverage and adherence to Service Level Agreements (SLAs) and Key Performance Indicators (KPIs).
Team Management: Lead, mentor, and develop a high-performing team of L1, L2, and L3 SOC Analysts. Foster a culture of continuous learning, collaboration, and rapid response.
Incident Response: Orchestrate the full lifecycle of major security incidents from detection to containment, eradication, and recovery. Act as the Incident Commander during critical crises.
Threat Intelligence & Hunting: Oversee proactive threat hunting initiatives and the integration of Cyber Threat Intelligence (CTI) into detection mechanisms to identify advanced persistent threats.
Process Improvement: Develop, maintain, and refine SOC playbooks, Standard Operating Procedures (SOPs), and use cases (SIEM/SOAR) to automate responses and reduce mean time to detect/respond (MTTD/MTTR).
Client Delivery: Serve as the Subject Matter Expert (SME) and Service Delivery Manager for key accounts, presenting monthly operational reports, security posture assessments, and strategic recommendations to client leadership.
Technology Management: Oversee the optimization and tuning of security tools including SIEM (Splunk, Sentinel, QRadar), EDR/XDR (CrowdStrike, Microsoft Defender), and SOAR platforms.
Compliance & Governance: Ensure SOC operations align with industry frameworks (NIST, ISO 27001, MITRE ATT&CK) and client-specific regulatory requirements.
Qualifications:
Education: Bachelor's degree in Computer Science, Information Security, Engineering, or a related field. Master's degree is a plus.
Experience:
Minimum 8+ years of experience in Cybersecurity or Information Security.
At least 3-5 years of experience in a leadership role within a SOC or Incident Response environment.
Technical Skills:
In-depth knowledge of SIEM architectures (Splunk ES, Azure Sentinel, Google Chronicle).
Strong understanding of network security, endpoint security, cloud security (AWS/Azure/GCP), and malware analysis.
Proficiency with the MITRE ATT&CK framework and Cyber Kill Chain methodology.
Experience with SOAR platforms and automation scripting (Python, PowerShell) is highly desirable.
Professional Skills:
Excellent command of English and Thai (written and verbal) is required for client communication.
Strong crisis management skills with the ability to remain calm and decisive under pressure.
Proven ability to translate complex technical issues into business risks for executive stakeholders.
Preferred Certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
GIAC Certified Incident Handler (GCIH) or GIAC Security Operations Manager (GSOM)
Certified SOC Analyst (CSA) or CASP+
