Job Description: Senior Manager II - Security Operations Center
Bloom Energy is seeking an experienced Senior Manager, Security Operations Center (SOC) to lead Bloom Energy's cybersecurity defense program. In this role, you will oversee 24/7 SOC operations, lead a team of analysts performing detection, triage, escalation, and monitoring, and ensure effective coordination of incident response activities. The SOC Senior Manager develops incident response playbooks, implements monitoring and reporting procedures, and provides regular situational awareness updates to senior management to strengthen Bloom Energy's cyber defence posture.
Responsibilities
Bloom Energy is seeking an experienced Senior Manager, Security Operations Centre (SOC) to lead the entire Cybersecurity Defence program.
In this role, you will oversee 24/7/365 SOC operations, lead a team of cybersecurity analysts performing detection, triage, escalation, and monitoring, and ensure effective coordination of all incident response activities
The SOC Senior Manager will own the administration, fine-tuning, and optimization of all SOC tools engineering efforts, including timely and accurate analysis of alerts, across SIEM, SOAR, UEBA, Threat Intelligence, data pipelines, Security Data Lake, and NDR
The SOC Senior Manager will lead the transformation of the existing SOC into an AI-powered SOC
The SOC Senior Manager develops detailed incident response playbooks, implements 24x7x365 monitoring and reporting procedures, and provides regular situational awareness updates to senior management to strengthen Bloom Energy's cyber defence posture
Manage day-to-day SOC operations, staffing all shifts and ensuring continuous monitoring of Bloom Energy networks and systems for security events and anomalies
Lead SOC analysts performing event detection, triage, escalation, and coordination with incident response teams
Develop, implement, and maintain SOC standard operating procedures (SOPs), playbooks, and escalation protocols
Ensure timely and accurate analysis of alerts from SIEM, EDR, and network monitoring tools such as NDR
Coordinate with cybersecurity, IT operations, NOC, GRC, and Risk Management teams to ensure an integrated defence posture and rapid response to incidents
Oversee SOC training programs, ensuring analyst proficiency in threat detection, correlation, and response processes
Oversee a proper hand-off process between different shifts
Rigorously conduct root-cause and trend analysis on incidents to identify systemic vulnerabilities and areas for improvement
Prepare and regularly report SOC-related metrics, KPIs, and KRIs
Prepare daily, weekly, monthly, and quarterly operational reports and briefings for senior management
Advise leadership on emerging threats, attack trends, and SOC performance metrics
Drive continuous improvement of monitoring coverage, use cases, and automation within SOC tools and workflows.
Required Qualifications
Bachelor's degree in cybersecurity, information systems, or a related technical field and/or 12-15 years of experience in the cybersecurity domain, including security operations, analysis, and/or incident response
5+ years managing a Security Operations team
Experience with SOC tools such as SIEM, SOAR, IDS/IPS, EDR, NDR, Threat Intelligence and Incident Response
Proven ability to coordinate cross-functional teams during incident response and recovery
Experience managing a 24/7 SOC
Familiarity with tools such as Splunk, Recorded Future, Elastic, Tenable, and SOAR platforms
Knowledge of MITRE ATT&CK and NIST 800-61 (Computer Security Incident Handling Guide)
Experience implementing SOC metrics, KPIs, and automation strategies.
Leadership, communication, and presentation skills, with the ability to brief the senior leadership team
Nice to have certifications
• GCFA
• GCIA
• GICSP
• Splunk or other SIEM certifications