Job Description
Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.
There’s another option. Freshworks. With a fresh vision for how the world works.
At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.
Fresh vision. Real impact. Come build it with us.
We are seeking an experienced SOC Manager to lead and mature our 24x7 Security Operations Center (SOC). The role is responsible for overseeing security monitoring, incident response, threat detection, threat hunting, SOC automation, and continuous improvement initiatives. The SOC Manager will lead a team of security analysts and engineers while working closely with Product Security, Infrastructure, IT, and Engineering teams to strengthen the organization’s cyber resilience.
Key Responsibilities
- Lead and manage day-to-day Security Operations Center (SOC) activities, ensuring timely detection, investigation, containment, and remediation of security incidents.
- Act as the Incident Commander for Critical and High severity cybersecurity incidents and coordinate cross-functional response efforts.
- Drive continuous improvement of detection use cases, SIEM (XSIAM), SOAR automation, and SOC processes to improve operational efficiency.
- Oversee security monitoring across cloud, endpoint, identity, network, and application environments.
- Lead Threat Hunting activities and proactively identify emerging threats, attack techniques, and security gaps.
- Manage security incidents throughout the entire incident lifecycle, including post-incident reviews and lessons learned.
- Define and track SOC KPIs, SLAs, MTTD, MTTR, false positives, automation coverage, and operational metrics.
- Collaborate with Product Security, Engineering, IT, and Infrastructure teams to improve overall security posture.
- Drive SOC roadmap initiatives, including AI-driven investigations, automation, threat intelligence integration, and detection engineering improvements.
- Evaluate and onboard new security technologies and vendors that enhance SOC capabilities.
- Ensure operational readiness for major cyber incidents through playbooks, tabletop exercises, and response simulations.
- Mentor and develop SOC analysts and engineers through coaching, technical guidance, and career development.
- Prepare executive dashboards, operational reports, and security metrics for senior leadership.
- Support audit, compliance, regulatory, and customer security requirements where applicable.
Qualifications
Required Skills & Experience
- 8–12+ years of experience in Cyber Security with at least 3–5 years managing Security Operations.
- Strong experience managing enterprise SOC environments.
- Hands-on experience with SIEM platforms (preferably Palo Alto Cortex XSIAM/XDR, Splunk, Microsoft Sentinel, QRadar, etc.).
- Experience with SOAR platforms and security automation.
- Strong understanding of Incident Response, Digital Forensics, Threat Hunting, Threat Intelligence, and Detection Engineering.
- Experience managing Critical (P1) cybersecurity incidents.
- Good understanding of MITRE ATT&CK, Cyber Kill Chain, and modern attack techniques.
- Experience securing cloud environments (AWS, Azure, GCP).
- Strong stakeholder management and executive communication skills.
- Experience managing vendors, MSSPs, and third-party security solutions.
- Knowledge of security frameworks such as NIST CSF, ISO 27001, CIS Controls, and MITRE ATT&CK.
Preferred Qualifications
- CISSP, GIAC (GCIH/GCIA), GCFA, CISM, or equivalent certifications.
- Experience with Palo Alto Cortex XSIAM, XSOAR, CrowdStrike, Microsoft Defender, and cloud-native security platforms.
- Experience implementing AI-driven SOC operations and security automation.
Key Competencies
- Leadership and people management
- Incident command and crisis management
- Strategic thinking and execution
- Stakeholder management
- Decision-making under pressure
- Communication and executive reporting
- Process improvement and automation mindset
- Continuous learning and innovation
Success Measures
- Reduced Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR)
- Improved SOC automation and investigation efficiency
- Increased detection coverage and reduced false positives
- Effective handling of Critical and High severity incidents
- Successful execution of SOC roadmap initiatives
- High team engagement, capability development, and operational excellence
Additional Information
At Freshworks, we have fostered an environment that enables everyone to find their true potential, purpose, and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions, and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities, and business. Fresh vision. Real impact. Come build it with us.