IT SOC / Jakarta

The SOC & Managed Risk Manager is responsible for leading and overseeing the Security Operations Center (SOC) and Managed Risk Services functions in a multi-tenant managed security environment.

This role ensures the efficient delivery of 24/7 threat detection and incident response while also managing vulnerability, risk, and compliance monitoring for multiple enterprise clients.

The position requires a balance of technical SOC leadership, client engagement, and risk management oversight, ensuring service excellence and continuous security improvement for all clients.

Key Responsibilities
=============

1. SOC Operations & Incident Management

  • Lead day-to-day SOC operations across multiple clients, ensuring proactive monitoring, detection, and response to cyber threats.
  • Manage the SOC team (Tier 1–3 Analysts, Threat Hunters, and Incident Responders) to meet service SLAs and maintain quality standards
  • Oversee incident triage, escalation, and post-incident reviews (PIR) with clients and internal teams.
  • Continuously improve detection rules, playbooks, and SOAR automation workflows.

2. Managed Risk Operations

  • Oversee vulnerability management services including scanning, assessment, and remediation tracking across client environments
  • Manage the delivery of Managed Risk services, such as:
      • Vulnerability Assessment & Reporting
      • Risk Scoring & Prioritization
      • Patch Management Advisory
      • Continuous Attack Surface Monitoring
  • Ensure all risk-related deliverables meet client expectations and align with contractual SLAs
  • Correlate SOC findings with vulnerability and risk data to provide clients with holistic security insights.

3. Client Relationship & Reporting

  • Act as a key point of contact for clients for both SOC and Managed Risk services
  • Deliver monthly and quarterly reports on incident trends, vulnerabilities, risk posture, and security improvement recommendations
  • Conduct regular review meetings with clients (QBR – Quarterly Business Reviews)
  • Work with sales and pre-sales teams to identify new opportunities for service expansion.

4. Threat Intelligence & Risk Correlation

  • Integrate threat intelligence feeds into both SOC detection and risk assessment workflows
  • Use analytics to correlate active threats with vulnerable assets to prioritize response
  • Maintain awareness of emerging threats, CVEs, and global cybersecurity trends that may affect clients.

5. Quality, Governance, and Compliance

  • Maintain up-to-date documentation for SOC and Managed Risk processes (SOPs, SLAs, and Runbooks)
  • Ensure compliance with international standards such as ISO 27001, ISO 20000, NIST CSF, and CIS Controls
  • Support internal and client-facing security audits
  • Implement continuous improvement programs to enhance service quality and efficiency.

6. People & Capability Management

  • Train and develop team members in both SOC and Risk Management disciplines
  • Manage certifications and skill development plans for analysts and risk consultants
  • Foster a culture of proactive defense, collaboration, and innovation.

Job Requirements:

  • Bachelor's / Master's degree in Computer Science, Information Security, or related field; Cybersecurity Management, Risk Management, or IT Governance is an advantage
  • Minimum 5–10 years of professional experience in cybersecurity, with at least 3 years in SOC management and 2+ years in risk or vulnerability management
  • Proven experience managing multi-tenant environments within an MSSP or large enterprise
  • Strong understanding of:
      • SIEM, SOAR, and EDR platforms
      • Vulnerability management tools (Tenable, Qualys, Rapid7, etc.)
      • Risk frameworks and methodologies (ISO 27005, NIST RMF, FAIR)
  • Strong leadership and team-building skills across multi-disciplinary teams
  • Excellent client communication and executive presentation ability
  • Strategic mindset with hands-on problem-solving skills
  • Able to prioritize and manage multiple client engagements simultaneously.
  • High emotional intelligence and stakeholder management capability

Hold Certifications (Preferred):
================

Core Security:

CompTIA Security+, CEH, or GCIH

CISSP / CISM / CRISC (strongly preferred)

GIAC (GCIA, GCFA, GRID)