Senior Manager; SOC
Salary: Competitive and based on experience
Location: Hong Kong
Keywords: collaborative, inclusive, supportive leadership, mentoring, resilient technological environment, compliance, interpersonal skills, knowledgeable team, growth leadership, flexible working opportunities
A leading organisation in Hong Kong is seeking a Senior Technical Manager to oversee its Security Operations Centre (SOC) within a highly collaborative and inclusive IT division. This role offers the opportunity to work alongside over 1,500 professionals from diverse backgrounds, fostering an environment where your unique strengths and perspectives are valued. As part of a knowledgeable and supportive team, you will play a pivotal role in safeguarding critical information assets and ensuring operational resilience for one of the region’s most respected institutions. The position promises exposure to cutting-edge cybersecurity practices, generous training opportunities, and the chance to mentor future leaders in the field. Flexible working arrangements and a commitment to professional growth make this an exceptional opportunity for those passionate about making a meaningful impact in cyber defence.
* Join a vibrant, multicultural IT division with more than 1,500 professionals across Hong Kong and Shenzhen, where diversity and inclusion drive innovation and creativity.
* Play a key role in protecting vital information assets and ensuring business continuity by leading advanced security operations and incident response initiatives.
* Benefit from flexible working opportunities, ongoing training programmes, and a culture that values knowledge sharing, collaboration, and personal development.
What you'll do:
As Senior Technical Manager, Security Operations Centre, you will be entrusted with overseeing the day-to-day operations of a sophisticated SOC environment. Your responsibilities will span from leading complex incident analyses to driving proactive threat hunting initiatives that keep the organisation ahead of emerging risks. You will coordinate closely with cross-functional teams to manage major incident investigations under pressure while maintaining meticulous documentation for future learning. By developing robust playbooks and optimising response plans in line with evolving threats, you will help shape the strategic direction of cyber defence operations. Your expertise will be instrumental in advising engineering teams on detection logic improvements while mentoring junior analysts to foster a culture of excellence. Regular audits will ensure compliance with regulatory requirements as you champion best practices throughout the department. This is an opportunity to make a tangible difference by enhancing operational resilience through expert management of security processes.
* Lead advanced analysis of complex cybersecurity events and incidents, providing actionable remediation steps that ensure rapid containment and recovery.
* Drive threat intelligence-led threat hunting activities to proactively detect malicious activity, emerging tactics, and vulnerabilities across the organisation’s technology landscape.
* Oversee and maintain 24/7 Security Operations Centre processes with both internal teams and external service providers, including monitoring, alert triage, escalation procedures, and continuous improvement initiatives.
* Direct end-to-end investigations of major security incidents, ensuring minimal operational impact while documenting findings thoroughly for future reference.
* Perform deep root cause analysis on security breaches and recommend robust corrective as well as preventive actions to strengthen defences.
* Develop, update, and optimise SOC processes, incident playbooks, and response plans based on evolving threats and industry best practices.
* Advise security defence engineering teams on detection logic enhancements, control coverage gaps, and improvements to existing security controls.
* Coordinate incident response efforts with cross-functional teams including internal stakeholders and external partners to ensure effective resolution.
* Manage and verify security alerts and incidents by ensuring proper classification, prioritisation, and escalation protocols are followed at all times.
* Lead remediation efforts during incidents to guarantee effective containment, eradication of threats, and full recovery of affected systems.
* Leverage both internal and external threat intelligence sources to strengthen detection capabilities within SOC monitoring frameworks.
* Mentor SOC analysts and incident responders by promoting a high-performance security culture focused on continuous learning.
* Ensure compliance with industry standards as well as organisational security policies through regular audits and reviews.
What you bring:
Your proven experience as Senior Technical Manager, Security Operations Centre, will include substantial leadership within high-stakes incident response settings where your ability to guide teams through complex investigations has been demonstrated repeatedly. You bring not only technical proficiency but also interpersonal sensitivity, enabling you to mentor junior staff effectively while collaborating across departments during critical events. Your familiarity with industry-standard frameworks ensures that your approach remains compliant yet adaptable amid changing regulations. You have developed comprehensive playbooks tailored to specific threats; your analytical skills allow you to translate root cause findings into actionable strategies that prevent recurrence. With hands-on expertise using modern monitoring tools like SIEM or SOAR platforms, and an understanding of adversary behaviour models, you are equipped to close control gaps efficiently. Your capacity for clear communication means executive stakeholders receive timely updates without unnecessary jargon. Above all else, your commitment to nurturing talent within the SOC team sets you apart as someone who values communal success over individual achievement.
* Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Systems, Application Development, Networking or related discipline is required for this role.
* Certification in good standing for one or more recognised credentials such as CISSP (Certified Information Systems Security Professional), GIAC GCFA (GIAC Certified Forensic Analyst), GIAC GCIH (GIAC Certified Incident Handler), GIAC GSOC (GIAC Security Operations Certified), GCTI (GIAC Cyber Threat Intelligence), or CTIA (EC-Council Certified Threat Intelligence Analyst) would be advantageous.
* At least ten years’ experience in IT/security roles with significant leadership responsibility in incident response environments is essential.
* Extensive hands-on experience managing cyber security incident responses across diverse attack scenarios including advanced persistent threats is expected.
* Proven track record in overseeing Security Operations Centre BAU processes while optimising workflows for efficiency is highly desirable.
* Strong background in threat intelligence-driven threat hunting including proactive detection/investigation of advanced threats is necessary.
* Deep familiarity with incident response frameworks such as NIST or SANS along with practical application of their methodologies is required.
* Experience developing/maintaining/executing incident response plans/playbooks tailored to evolving threat landscapes is important.
* Expertise in conducting root cause analysis for security incidents and translating findings into actionable preventive measures is sought after.
* Skilled at creating/refining/maintaining SOC process documentation plus operational runbooks for consistent execution is needed.
* Demonstrated capability coordinating major incident investigations under high-pressure conditions involving multiple stakeholders is valuable.
* Solid understanding of SIEM/SOAR/UEBA/EDR/XDR tools used for monitoring/incident handling within enterprise environments is preferred.
* Knowledge of MITRE ATT&CK/Cyber Kill Chain/adversary behaviour models relevant for detection engineering is beneficial.
* Ability to identify/analyse/close security control coverage gaps through technical troubleshooting across network/endpoint/application/cloud environments is required.
* Experience coordinating cross-functional teams during investigations/remediation efforts ensures successful outcomes.
* Proficiency integrating threat intelligence sources/enrichment into SOC monitoring operations enhances overall effectiveness.
* Familiarity with regulatory compliance requirements/industry standards/audit processes affecting incident response/SOC operations supports governance objectives.
* A history of mentoring, guiding, and technically enabling SOC analysts and incident responders fosters a culture of team growth and leadership.
* The ability to translate complex technical information into concise updates suitable for executives and stakeholders demonstrates strong communication skills.
* Experience conducting post-incident reviews/lessons-learned processes improves organisational security posture.
What sets this company apart:
This organisation stands out due to its unwavering commitment to diversity, inclusion, and professional development within its IT division—a community comprising over 1,500 professionals from around the globe. Here you’ll find an environment where every voice matters; collaboration isn’t just encouraged but celebrated as the foundation for innovation. The company invests heavily in training opportunities so employees can continually expand their skillsets while benefiting from flexible working arrangements designed around personal needs. Supportive leadership ensures that everyone feels empowered regardless of background or experience level; knowledge sharing is embedded into daily practice so that collective growth becomes second nature. The focus on operational resilience means your contributions directly impact business continuity—making your work both meaningful and rewarding. If you’re looking for a workplace where empathy meets expertise—and where your career can flourish alongside others—this is the ideal setting for you.
What's next:
If you are ready to take your career in cybersecurity leadership to new heights within an inclusive team environment dedicated to excellence—apply now!
Apply today by clicking on the link provided.
About the job
Contract Type: Perm
Specialism: Tech & Transformation
Focus: Cyber Security
Industry: IT
Salary: Negotiable
Workplace Type: On-site
Experience Level: Senior Management
Location: Central and Western District
Full-time
Job Reference: 047B8H-C5D52115
Date posted: 7 November 2025
Consultant: Krishi Shah
Robert Walters, https://www.robertwalters.com.hk