Security Operations Center (SOC) Manager at Nebius

Why work at Nebius Nebius is leading a new era in cloud computing to serve the global AI economy. We create the tools and resources our customers need to solve real-world challenges and transform industries, without massive infrastructure costs or the need to build large in-house AI/ML teams. Our employees work at the cutting edge of AI cloud infrastructure alongside some of the most experienced and innovative leaders and engineers in the field. Where we work Headquartered in Amsterdam and listed on Nasdaq, Nebius has a global footprint with R&D hubs across Europe, North America, and Israel. The team of over 1400 employees includes more than 400 highly skilled engineers with deep expertise across hardware and software engineering, as well as an in-house AI R&D team. The role Nebius is looking for a an experienced SOC Manager to join the Cyber Security organization, reporting to the Head of Detection & Response under the CISO. This role is responsible for leading the organization’s Security Operations Center (SOC), overseeing 24/7 monitoring, detection, and response activities across cloud, infrastructure, SaaS, and enterprise environments. The ideal candidate is both operationally strong and strategically minded, with hands-on experience in security operations, incident response, and team leadership. You will drive continuous improvement of detection and response capabilities while ensuring effective collaboration with Security, DevOps, Infrastructure, and Engineering teams. You’re welcome to work in our offices in Tel Aviv. Your responsibilities will include: SOC Operations Leadership • Lead and manage day-to-day SOC operations, including monitoring, detection, triage, and incident response. • Oversee security alerts and incidents across SIEM, EDR/XDR, cloud security, and other detection platforms. • Ensure timely and effective response to security incidents in accordance with defined SLAs and severity levels. • Manage SOC analysts (internal or external), including task prioritization, shift coverage, performance, and professional development. Incident Response & Handling • Own the full incident response lifecycle: detection, analysis, containment, eradication, and recovery. • Act as the primary escalation point for complex or high-severity security incidents. • Coordinate cross-functional response efforts with Security, IT, DevOps, Infrastructure, and Engineering teams. • Ensure proper documentation, incident tracking, and execution of post-incident reviews (lessons learned). Detection, Monitoring & Improvement • Continuously improve detection capabilities, including development and tuning of use cases and alerting rules. • Reduce false positives while increasing detection coverage, accuracy, and operational efficiency. • Drive onboarding of new log sources and security telemetry into SIEM and monitoring platforms. • Promote automation and orchestration (SOAR) to improve response times and reduce manual effort. Governance, KPIs & Reporting • Define, track, and report on SOC KPIs such as MTTD, MTTR, alert volumes, and incident trends. • Build and maintain dashboards and executive-level reporting for the CISO and senior leadership. • Develop and maintain SOC playbooks, runbooks, and standard operating procedures. • Support audits, compliance activities, and alignment with security frameworks and policies. We expect you to have: • 5+ years of experience in cyber security operations, SOC, or incident response roles. • 2+ years of experience managing or leading SOC teams (internal or MSSP). • Hands-on experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR/XDR tools. • Strong understanding of incident response processes and security operations workflows. • Experience working in cloud environments (AWS, GCP, Azure) and modern infrastructure. • Strong analytical and problem-solving skills with high attention to detail. • Experience working cross-functionally with Security, DevOps, IT, and Engineering teams. It will be an added bonus if you have: • Experience building or scaling SOC capabilities in a growing organization. • Familiarity with SOAR platforms and security automation. • Knowledge of threat intelligence and threat hunting methodologies. • Experience working within a CISO organization or Security PMO. • Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST, etc.). • Background in SaaS, cloud-native environments, or large-scale enterprise systems. • BSc in Computer Science, Information Security, or a related field. What we offer • Competitive salary and comprehensive benefits package. • Opportunities for professional growth within Nebius. • Flexible working arrangements. • A dynamic and collaborative work environment that values initiative and innovation. We’re growing and expanding our products every day. If you’re up to the challenge and are excited about AI and ML as much as we are, join us!