Manager, Global Security Operations Center

Requistion ID: 82842 

The Senior Manager of the Global Security Operations Center (SOC) provides strategic and operational leadership for Dentsply Sirona’s global cyber-defense function.

This role oversees a hybrid operational model integrating:

• Third Party or Internal 24x7 Tier 1-2 monitoring
• Internal Tier 3 analysts across the Americas, EMEA, and APAC
• Supported Monitoring, Alerting, and Response Tooling

And integrates capabilities through tooling, telemetry, and detection development in coordination with:

• Security Architecture and Engineering
• Corporate Infrastructure
• Enterprise Architecture
• Others as required

This leader ensures consistent detection, investigation, and response across cloud, enterprise, and manufacturing environments while driving automation, improving signal quality, reducing response time, and maturing operational processes in alignment with ISO 27001, IEC 81001-5-1, SOX, and NIST frameworks. The role aligns with internationally recognized cybersecurity standards and frameworks, including ISO/IEC 27001, ISO/IEC 27032, ENISA guidelines, and NIST NICE, ensuring global applicability and compliance.

Role Scope Includes:

• Leadership of global SOC operations, personnel, and vendor partnerships
• Governance of SIEM, SOAR, and XDR platforms and other GSOC relevant tooling
• Ownership of incident response workflows and SOC process maturity
• Reporting and operational metrics (MTTD, MTTR, automation ROI, false positive rate)
• Cross-functional coordination with IT, OT, Cloud, Compliance, and Architecture teams

Leadership & Governance

• Lead, mentor, and develop a distributed team of senior SOC analysts across multiple regions.
• Govern 3rd Party tooling and personnel performance, SLAs, escalations, and service quality.
• Define, maintain, and enforce SOC standard operating procedures, playbooks, and escalation paths.

Detection & Response Operations

• Oversee end-to-end incident lifecycle: detection → triage → containment → remediation → lessons learned.
• Ensure high-quality triage and reduced false positives through tuning and signal optimization.
• Coordinate closely with Security Architecture to onboard new log sources and build detection-as-code pipelines.

   

  Technology Ownership

  • Own SIEM/SOAR operations, including SIEM, SOAR, CASB, and  XDR with others as required and defined
  • Lead log onboarding, rule tuning, alert correlation, automation playbook development, and health monitoring.
  • Evaluate and implement new telemetry sources, threat intelligence integrations, and detection models.

  Threat Intelligence & Hunting

  • Develop and operationalize a threat intelligence capability drawing from MSTIC, Mandiant, ISACs, etc.
  • Lead or coordinate threat hunting, adversary emulation, and advanced TTP analysis initiatives.

  Metrics, Reporting & Continuous Improvement

  • Establish and maintain operational dashboards and KPIs (MTTD, MTTR, coverage, automation usage, FP rate).
  • Deliver weekly operational updates, monthly reports, and quarterly executive briefings to leadership.
  • Conduct post-incident reviews, trend analysis, and maturity assessments to drive measurable improvement.

  Compliance & Security Assurance

  • Support internal and external audits for SOX, ISO 27001, IEC 81001-5-1 along with others as required and defined.
  • Maintain evidence documentation and ensure SOC controls remain effective and test-ready.
  • Plan and execute quarterly DR exercises and annual table-top scenarios.

Requirements: 

Education

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Master’s degree preferred (or equivalent practical experience).

Experience

• 8+ years in security operations, cyber defense, incident response, or threat management.
• 3–5 years in a leadership role managing SOC or IR teams within a global enterprise or MSSP/SOC-as-a-Service environment.
• Hands-on experience with SIEM/SOAR administration and tuning—ideally Google SecOps / Splunk/ or other industry leading SIEM tools.
• Proven experience managing Global SOC Operations, external MSSP relationships, and internal response teams.
• Background with cloud security (Azure / GCP preferred; AWS/Alibaba a plus) and, ideally, exposure to OT/Manufacturing environments.
• Expert understanding of SOC operations, MITRE ATT&CK, detection engineering, and incident response methodologies.

Key Skills & Knowledge

• Strong analytical and problem-solving capabilities; ability to interpret large datasets and signals.
• Proficiency with security automation, REST APIs, and playbook engineering.
• Real-world experience with threat intel application and proactive threat hunting.
• Exceptional communication and documentation skills — clear, concise, and executive-ready.
• Preferred certifications: CISSP, CISM, GCIA, GCIH, GSOC, GMON, Microsoft SC-series certifications, CompTIA Security+, EC-Council CSA, GIAC GSOC, GIAC GCIH, Offensive Security OSCP, ISO/IEC 27001 Lead Implementer, and other globally recognized cybersecurity certifications.