Up to 60M
Manager
Full Time
Hà Nội
Techvify Corporation is an end-to-end, AI-powered digital transformation partner.
At Techvify, we don’t just build software.
We engineer breakthroughs.
We innovate with AI, craft with code, and scale with cloud.
We partner with startups, enterprises, and even competitors on a shared mission:
To turn bold ideas into real-world impact.
If you’re looking to lead digital transformation through intelligent software, we’re ready to build with you.
Let’s create the future – together.
1. Security Operations & Monitoring (Core Responsibility)
Lead and operate the SOC function using:
– Microsoft Defender suite (Defender for Endpoint, Identity, Cloud, Office 365)
– Microsoft Sentinel and/or Splunk as SIEM
Integrate and operate monitoring from:
– Infrastructure, cloud workloads, applications, and endpoints
– Grafana & Prometheus for infrastructure and service telemetry
Define and maintain:
– Alert triage, escalation, and response workflows
– SOC runbooks and incident playbooks
Ensure effective correlation between:
– Security logs
– Infrastructure metrics
– Application-level signals
2. Incident Response & Threat Handling
Act as incident owner and commander for security incidents.
Manage response to:
– Endpoint compromise
– Identity-based attacks (Microsoft Entra ID, formerly Azure AD)
– Cloud misconfiguration incidents
– Data leakage and insider threats
Coordinate with:
– Infrastructure / Cloud / DevOps teams
– External vendors or MSSPs (if applicable)
Lead post-incident RCA, lessons learned, and preventive action tracking.
3. Asset Management & Security Ticket Operations
Own security-related asset inventory, including:
– End-user devices (managed via Microsoft Intune)
– Servers, VMs, cloud resources, and network devices
Ensure asset lifecycle alignment with:
– Security classification
– Risk ownership
– ISO asset management controls
Operate and govern:
– Security ticket queue (incident, vulnerability, audit findings)
– SLAs, escalation rules, and closure quality
Integrate SOC alerts with:
– ITSM / ticketing systems (e.g., Jira, ServiceNow, Azure DevOps)
4. Vulnerability Management
Own the vulnerability management lifecycle, including discovery, prioritization, remediation, and verification.
Operate vulnerability scanning tools across:
– Endpoints
– Servers
– Cloud workloads
– Applications
Collaborate with DevOps teams using:
– SonarQube for code-level security and technical debt
– CI/CD pipelines to shift security left
Track and report:
– Vulnerability aging
– Risk acceptance
– Remediation effectiveness
5. Endpoint, Identity & Zero Trust Security
Enforce endpoint security using:
– Microsoft Defender for Endpoint
– Microsoft Intune (compliance policies and device health signals that feed Conditional Access)
Oversee:
– Identity & Access Management (Microsoft Entra ID)
– MFA, Conditional Access, Privileged Identity Management (PIM)
Align security operations with Zero Trust principles.
6. Cloud & Hybrid Security Operations
Govern security posture for:
– Azure (primary)
– AWS / GCP (if applicable)
Use Defender for Cloud and CSPM practices to:
– Monitor misconfigurations
– Track compliance posture
Collaborate with platform teams on:
– Secure baseline definitions
– Kubernetes and container security (if applicable)
7. Compliance, ISO & Audit Ownership
Own and operate ISO 27001 security controls from an operational standpoint.
Maintain:
– Policies, procedures, and evidence
– Risk assessments and treatment plans
Act as security focal point for:
– ISO audits
– Client security audits and questionnaires
– Penetration test findings
Ensure continuous compliance, not audit-only readiness.
8. Reporting, Metrics & Continuous Improvement
Define and report SOC KPIs, such as:
– MTTD / MTTR (mean time to detect / mean time to respond)
– Incident trends
– Vulnerability exposure
– Compliance status
Build executive-level security dashboards using:
– Sentinel / Splunk
– Grafana
Drive the SOC maturity roadmap, automation, and tool optimization.
Experience
– 5+ years in Cybersecurity / Information Security
– 1-2+ years leading SOC or Security Operations teams
– Strong experience in IT / Managed Services environments
– Proven hands-on experience with the Microsoft security ecosystem or another cloud / on-premises security ecosystem
Technical Expertise
– Microsoft Defender Suite (Endpoint, Identity, Cloud, O365)
– Microsoft Intune (MDM/MAM, compliance policies)
– SIEM: Microsoft Sentinel and/or Splunk
– Monitoring & observability: Grafana, Prometheus
– Vulnerability management & scanning tools
– Secure SDLC tooling: SonarQube
– Strong understanding of: Cloud security (Azure-first), Endpoint & identity threats, Hybrid infrastructure security
Compliance & Governance
– Strong hands-on experience with ISO 27001
– Experience handling: Audit evidence, Control implementation, Client security assurance
Soft Skills
– Strong operational leadership and decision-making
– Excellent communication with engineering, management, and clients
– Ability to handle high-pressure incident scenarios
– Process-driven, audit-aware mindset
Preferred Certifications
– CISSP / CISM / CISA
– ISO 27001 Lead Implementer or Auditor
– Microsoft Security certifications (SC-200, SC-300, SC-100)
– Cloud security certifications (Azure preferred)
If you are a driven and talented SOC (Security Operations Center) / ISMS Manager looking for an opportunity to be part of something extraordinary, please submit your resume and cover letter for consideration.
Join our team and let’s create amazing things together! Send your updated CV to this email address: