IranServer is seeking a specialized, structured, and forward-thinking SOC Manager to enhance its security posture, continuously monitor threats, manage security incidents, and develop a modern, AI-driven SOC. If you are interested in leading security teams, standardizing processes, developing Detection & Response structures, and designing intelligent security architectures, this role can be a key step in your professional career path.
Key Responsibilities:
- Lead SOC operations and Tier 1/2 & Threat Intelligence teams
- Own the full incident lifecycle from detection to closure (including RCA)
- Design and improve monitoring, incident response, and threat detection processes
- Define and track SOC metrics (SLA, KPI, MTTD, MTTR)
- Build and maintain detections using SIEM (preferably Splunk / Splunk ES) and MITRE ATT&CK
- Implement playbooks, runbooks, and security automation (SOAR, Python, APIs)
- Work closely with NOC, Infrastructure, SRE, and DevOps teams
- Support security for cloud services, datacenters, and hosting platforms
Required Qualifications & Skills:
- Hands-on experience managing a SOC or security operations teams
- Strong expertise in SIEM platforms, preferably Splunk Enterprise / Splunk ES
- Solid knowledge of Incident Response, Threat Detection, Log Analysis, Network Security, and System Hardening
- Strong understanding of security frameworks and standards including MITRE ATT&CK, NIST 800-61, ISO 27001, and CIS Controls
- Experience with security tools such as IDS/IPS, WAF, EDR, Anti-DDoS, and vulnerability scanners (Nessus / OpenVAS)
- Proficiency in Python scripting, API integration, and security automation (SOAR)
- Familiarity with AIOps, anomaly detection, machine learning for security, and attack analysis
- Experience with cloud security, virtualization, containers, and microservices is a plus