Security Operations Center (SOC) Manager

About Nebius: Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure. Built by engineers, for engineers.

From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI. Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

The role Nebius is looking for a an experienced SOC Manager to join the Cyber Security organization, reporting to the Head of Detection & Response under the CISO. This role is responsible for leading the organization’s Security Operations Center (SOC), overseeing 24/7 monitoring, detection, and response activities across cloud, infrastructure, SaaS, and enterprise environments.

The ideal candidate is both operationally strong and strategically minded, with hands-on experience in security operations, incident response, and team leadership. You will drive continuous improvement of detection and response capabilities while ensuring effective collaboration with Security, DevOps, Infrastructure, and Engineering teams. You’re welcome to work in our offices in Tel Aviv.

Your responsibilities will include: SOC Operations Leadership Lead and manage day-to-day SOC operations, including monitoring, detection, triage, and incident response. Oversee security alerts and incidents across SIEM, EDR/XDR, cloud security, and other detection platforms. Ensure timely and effective response to security incidents in accordance with defined SLAs and severity levels.

Manage SOC analysts (internal or external), including task prioritization, shift coverage, performance, and professional development. Incident Response & Handling Own the full incident response lifecycle: detection, analysis, containment, eradication, and recovery. Act as the primary escalation point for complex or high-severity security incidents.

Coordinate cross-functional response efforts with Security, IT, DevOps, Infrastructure, and Engineering teams. Ensure proper documentation, incident tracking, and execution of post-incident reviews (lessons learned). Detection, Monitoring & Improvement Continuously improve detection capabilities, including development and tuning of use cases and alerting rules.

Reduce false positives while increasing detection coverage, accuracy, and operational efficiency. Drive onboarding of new log sources and security telemetry into SIEM and monitoring platforms. Promote automation and orchestration (SOAR) to improve response times and reduce manual effort.

Governance, KPIs & Reporting Define, track, and report on SOC KPIs such as MTTD, MTTR, alert volumes, and incident trends. Build and maintain dashboards and executive-level reporting for the CISO and senior leadership. Develop and maintain SOC playbooks, runbooks, and standard operating procedures. Support audits, compliance activities, and alignment with security frameworks and policies.

We expect you to have: 5+ years of experience in cyber security operations, SOC, or incident response roles. 2+ years of experience managing or leading SOC teams (internal or MSSP). , Splunk, Sentinel, QRadar) and EDR/XDR tools. Strong understanding of incident response processes and security operations workflows.

Experience working in cloud environments (AWS, GCP, Azure) and modern infrastructure. Strong analytical and problem-solving skills with high attention to detail.

Experience working cross-functionally with Security, DevOps, IT, and Engineering teams. It will be an added bonus if you have: Experience building or scaling SOC capabilities in a growing organization. Familiarity with SOAR platforms and security automation. Knowledge of threat intelligence and threat hunting methodologies.

Experience working within a CISO organization or Security PMO. Familiarity with regulatory frameworks (ISO 27001, SOC 2, NIST, etc.). Background in SaaS, cloud-native environments, or large-scale enterprise systems. BSc in Computer Science, Information Security, or a related field.

Benefits & Perks: Competitive compensation Career growth and learning opportunities Flexibility and work-life balance Collaborative and innovative culture Opportunity to work on impactful AI projects International environment and talented teams What's it like to work at Nebius: Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI Equal Opportunity Statement: Nebius is an equal opportunity employer.

We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment.

We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire. If you need accommodations during the application process, please let us know.