SOC Manager (Cyber Security Operations)
(KSA National)
Riyadh
A leading cybersecurity services organisation in Saudi Arabia is building a new Security Operations Centre (SOC) capability and is seeking a SOC Manager to lead the design, build, and operation of this function.
This is a greenfield opportunity to establish a SOC as a customer-facing, revenue-generating business unit, delivering managed security services to enterprise and government clients across the Kingdom.
Key Responsibilities
SOC Build & Operations
- Lead the design, setup, and ongoing operation of the SOC
- Define SOC operating model, service scope, and escalation frameworks
- Establish 24/7 monitoring capability (in-house and/or hybrid)
- Develop and maintain SOC playbooks, runbooks, and procedures
- Ensure high-quality incident detection, investigation, and response
Technology & Tooling
- Support selection and implementation of SIEM, SOAR, EDR/XDR, and threat intelligence platforms
- Ensure tooling supports multi-tenant customer environments
- Oversee detection use cases, tuning, and automation
- Work closely with vendors and partners where required
Team Leadership
- Build and manage SOC analysts (L1/L2/L3)
- Own hiring, onboarding, training, and performance management
- Define shift patterns, rotas, and coverage models
- Mentor analysts and develop local Saudi cyber talent
Customer & Stakeholder Management
- Act as the primary SOC point of contact for customers
- Manage SLAs, incident communications, and reporting
- Support presales and customer onboarding activities
- Present SOC capabilities and incident outcomes to senior stakeholders
Governance & Compliance
- Ensure alignment with Saudi cybersecurity regulations and frameworks (e.g. NCA, SAMA where applicable)
- Support audits, compliance reporting, and regulatory requests
- Maintain SOC KPIs and operational metrics (MTTD, MTTR, false positives)
Required Experience & Skills
- Proven experience managing or leading a Security Operations Centre
- Background in SOC build, scale, or transformation environments
- Strong knowledge of:
- Incident response
- Threat detection
- SIEM / SOAR / EDR platforms
- Experience working in regulated environments
- Comfortable in customer-facing and commercial settings
- Strong leadership, communication, and decision-making skills
Mandatory Requirements
- Saudi National (mandated)
