Head of Global Security Operations Center (SOC) and Incident Response

The Global Head of Security Operations Centers (SOC) and Incident Response (IR) will be responsible for leading the development, implementation, and management of several global security operations centers and incident response program within the organization. This position will oversee multiple SOC delivery centers in different geographies, utilizing a follow the sun model. The role will ensure SOC and IR operations and coverage are aligned with the needs of the business including information technical (IT), operational technology (OT) and Vehicle SOC.
Main Responsibilities:
Develop and implement SOC and IR strategies and processes that meet the needs of the organization globally.
Lead the design, development, testing, and maintenance of SOC and IR systems and processes.
Manage the SOC and IR management team globally, providing leadership, guidance, and support to ensure successful delivery of programs and services.
Collaborate with other teams, such as digital forensics and investigations, threat intelligence, data privacy office and legal, to ensure that SOC and IR processes are aligned with broader cybersecurity goals.
Manage stake holder relationships in the line of business, translating their business needs to development activities in the Enterprise IT Security (EITS) organisation.
Ensure the effective and efficient delivery of SOC and IR services across different regions and time zones, utilizing a follow the sun model.
Manage the response to cybersecurity incidents, providing technical expertise and support for SOC and IR activities. Communicating business context to relevant stake holders.
Continuously monitor SOC and IR processes and systems to identify opportunities for improvement and optimization. Collaborating closely with the CDC engineering leadership and associated delivery organisation.
Ensure that all SOC and IR-related activities comply with industry best practices, legal and regulatory requirements, and internal policies and standards.
Establish and maintain relationships with external partners, such as vendors and industry organizations, to support the organization's SOC and IR activities.

Qualifications:
Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
10+ years of experience in security operations and incident response, with a focus on managing multiple delivery centers in different geographies.
5+ years of experience in a leadership role, managing teams and programs globally.
Proven experience in developing and implementing SOC and IR strategies and processes.
Strong knowledge of SOC and IR tools and technologies, such as SIEM, EDR, and incident response playbooks.
Experience with incident response, including triage, containment, investigation, and recovery.
Knowledge of cyber threats and attack techniques, as well as relevant legal and regulatory frameworks.
Excellent communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
Strong analytical and problem-solving skills, with the ability to identify and resolve complex technical issues.



We are looking forward to reviewing your application!


Union Representatives:


Akademikerna – Therese Koggdal, +46 470 387855
Unionen - Lajla Dahlsjö +46 31 3224575
Ledarna – Ulrika Holmberg +46 73 9025071


Kindly note that due to GDPR, we will not accept applications via mail. Please use our career site.