Security Operations Center (SOC) Manager

Why work at Nebius Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field. Where we work Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with RD hubs across Europe, North America, and Israel. The team of over 1400 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI RD team. The role Nebius is looking for a an experienced SOC Manager to join the Cyber Security organization, reporting to the Head of Detection Response under the CISO. This role is responsible for leading the organization’s Security Operations Center (SOC), overseeing 24/7 monitoring, detection, and response activities across cloud, infrastructure, SaaS, and enterprise environments. The ideal candidate is both operationally strong and strategically minded, with hands-on experience in security operations, incident response, and team leadership. You will drive continuous improvement of detection and response capabilities while ensuring effective collaboration with Security, DevOps, Infrastructure, and Engineering teams. You’re welcome to work in our offices in Tel Aviv. Your responsibilities will include: SOC Operations Leadership Lead and manage day-to-day SOC operations, including monitoring, detection, triage, and incident response. Oversee security alerts and incidents across SIEM, EDR/XDR, cloud security, and other detection platforms. Ensure timely and effective response to security incidents in accordance with defined SLAs and severity levels. Manage SOC analysts (internal or external), including task prioritization, shift coverage, performance, and professional development. Incident Response Handling Own the full incident response lifecycle: detection, analysis, containment, eradication, and recovery. Act as the primary escalation point for complex or high-severity security incidents. Coordinate cross-functional response efforts with Security, IT, DevOps, Infrastructure, and Engineering teams. Ensure proper documentation, incident tracking, and execution of post-incident reviews (lessons learned). Detection, Monitoring Improvement Continuously improve detection capabilities, including development and tuning of use cases and alerting rules. Reduce false positives while increasing detection coverage, accuracy, and operational efficiency. Drive onboarding of new log sources and security telemetry into SIEM and monitoring platforms. Promote automation and orchestration (SOAR) to improve response times and reduce manual effort. Governance, KPIs Reporting Define, track, and report on SOC KPIs such as MTTD, MTTR, alert volumes, and incident trends. Build and maintain dashboards and executive-level reporting for the CISO and senior leadership. Develop and maintain SOC playbooks, runbooks, and standard operating procedures. Support audits, compliance activities, and alignment with security frameworks and policies. We expect you to have: 5+ years of experience in cyber security operations, SOC, or incident response roles. 2+ years of experience managing or leading SOC teams (internal or MSSP). Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR/XDR tools. Strong understanding of incident response processes and security operations workflows. Experience working in cloud environments (AWS, GCP, Azure) and modern infrastructure. Strong analytical and problem-solving skills with high attention to detail. Experience working cross-functionally with Security, DevOps, IT, and Engineering teams. It will be an added bonus ... (truncated, view full listing at source)