Regional Head of Security Operations Center (SOC)

The Regional Head of Security Operations Center (SOC) leads and transforms multi-country SOC operations across the UAE, KSA, Kuwait, and Jordan, ensuring scalable and efficient delivery of MSS and MDR services.

This role is responsible for defining SOC strategy, driving automation and AI-led transformation, and aligning operations with global frameworks such as NIST and MITRE ATT&CK.

The position oversees end-to-end SOC service delivery, including technology platforms like SIEM, SOAR, and XDR, while ensuring standardization, profitability, and high service quality.

It also involves managing regional teams, optimizing processes, and maintaining strong governance and compliance across all locations.

Acting as a key customer interface, the role ensures stakeholder satisfaction, leads incident escalation, and supports business growth through collaboration with sales and product teams.

Additionally, the role focuses on performance management, workforce development, and continuous improvement of detection, response, and automation capabilities.

Define and execute the regional SOC strategy aligned with MSS/MDR business objectives

Drive transformation initiatives focused on automation, AI-driven operations, and scalable service delivery

Establish and enhance SOC maturity using frameworks such as NIST and SOC-CMM

Lead innovation in detection, response, and operational efficiency

Oversee SOC operations across UAE, KSA, Kuwait, and Jordan

Design and implement centralized and hybrid SOC operating models

Ensure consistent service delivery, governance, and regulatory compliance across regions

Manage central and regional SOC teams, ensuring operational alignment

Own end-to-end delivery of Managed Security Services (MSS) and Managed Detection & Response (MDR)

Define and optimize service catalogues, SLAs, and pricing strategies

Ensure scalability, standardization, and profitability of SOC services

Maintain high service quality and customer satisfaction

Own and manage SOC technology stack including SIEM, SOAR, XDR, TIP, NDR, DRP, and ASM platforms

Drive platform consolidation and multi-tenant architecture strategy

Lead automation initiatives to reduce manual effort and improve efficiency

Ensure optimal utilization and ROI of cybersecurity tools

Lead development and tuning of detection use cases aligned to MITRE ATT&CK

Oversee SIEM content lifecycle and correlation rule optimization

Drive threat detection improvements using behavioral analytics and UEBA

Enable proactive threat hunting and reduce false positives

Drive AI/ML adoption for threat detection, anomaly identification, and response optimization

Automate L1/L2 SOC activities through SOAR and orchestration platforms

Continuously improve detection accuracy, response speed, and operational efficiency

Oversee vulnerability management including scanning, prioritization, and remediation tracking

Deliver risk-based reporting and ensure compliance alignment

Integrate threat intelligence feeds and OSINT into SOC workflows

Monitor external threats, digital risks, and support proactive defense strategies

Act as executive point of contact for key SOC customers

Lead QBRs, service reviews, and incident escalation (including P1 incidents)

Communicate risks, gaps, and improvement plans effectively

Ensure high levels of customer satisfaction and trust

Define and maintain SOC processes, playbooks, and runbooks

Ensure adherence to global standards and regulatory requirements (e.g., NCA, data residency)

Drive continuous improvement across detection, response, and operations

Establish strong governance and reporting mechanisms

Collaborate with Sales, Presales, and Product teams to support business growth

Contribute to RFPs, proposals, and SOC solution design

Support pricing strategies and market positioning of MSS services

Align SOC capabilities with business and revenue objectives

Define and track SOC KPIs such as MTTD, MTTR, SLA compliance, and analyst productivity

Monitor detection coverage and automation rates

Provide regular performance reports to senior leadership

Drive data-driven decision-making and accountability

Build and lead high-performing SOC teams across regions

Drive workforce planning aligned with growth and nationalization requirements

Lead training, upskilling, and career development programs

Optimize team structure to improve efficiency and reduce attrition

12+ years of experience in cybersecurity with at least 7+ years in SOC/MDR leadership roles, preferably within an MSSP environment

Proven experience managing large-scale, multi-country SOC operations and delivering MSS/MDR services

Strong expertise in SOC technologies including SIEM, SOAR, XDR, Threat Intelligence, and automation platforms

Deep understanding of cybersecurity frameworks such as NIST, ISO 27001, and MITRE ATT&CK, along with SOC maturity models

in driving SOC transformation initiatives including automation, AI/ML adoption, and multi-tenant architecture

Strong leadership skills with experience in building, managing, and scaling high-performing teams across regions

Excellent customer-facing and stakeholder management skills, including handling escalations and executive communication

Good commercial acumen with experience in supporting RFPs, service design, pricing strategies, and business growth initiatives

CISSP, CISM, or equivalent industry-recognized certifications

GIAC certifications such as GCIA, GCIH, GMON, or similar

Relevant cloud and security certifications (e.g., AWS, Azure, GCP security specializations) are an advantage