Manager - Tech Consulting - Cybersecurity - CMS - Cairo
EY
As part of our Cyber Technology Consulting leadership team, you will lead and deliver SOC transformation and Threat Management programs for clients across the MENA region. You will oversee the full lifecycle of SOC design, implementation, and optimization, guide detection and response strategy, and manage multi-disciplinary teams to enhance clients’ cyber resilience and operational maturity. You'll collaborate closely with clients to mature their security operations while working with cross-functional teams across our Advisory practice.
The opportunity
We are seeking a manager with proven expertise in Security Operations, Threat Detection, Threat Intelligence, and Incident Response to join our Cybersecurity team.
This role presents an exceptional opportunity to help organizations enhance their cyber resilience, strengthen threat detection capabilities, and ensure effective response to complex security incidents. You will work closely with CISOs and executive stakeholders to define regional SOC strategies and lead high-impact threat management programs that advance national and enterprise-level cyber defense maturity.
Your key responsibilities
- Lead end-to-end SOC and Threat Management engagements from design to operation.
- Deliver cyber threat monitoring, threat hunting, and incident response engagements for a diverse range of clients.
- Define SOC target operating models, governance frameworks, and capability roadmaps.
- Manage SOC transformation projects, including process re-engineering, technology integration, and staffing models.
- Guide clients in establishing 24x7 monitoring models, incident escalation procedures, and operational runbooks.
- Lead major security incident response efforts, including cyber crisis simulation and executive tabletop exercises.
- Define, develop, and refine detection engineering strategies, including use case development, alert logic, correlation rules, and automation using SIEM, SOAR, and XDR platforms.
- Conduct SOC maturity and capability assessments, aligning findings with NIST CSF, MITRE ATT&CK, and regional cybersecurity frameworks (e.g., NCA ECC/DCC).
- Provide strategic advisory on threat detection optimization, cyber defense posture, and incident response readiness.
- Act as engagement lead, ensuring delivery quality, client satisfaction, and adherence to timelines and budgets.
- Integrate threat intelligence and proactive hunting programs into SOC workflows.
- Develop detailed reports and executive-ready recommendations, effectively communicating technical findings to all stakeholders.
- Mentor and supervise junior and senior consultants, fostering technical growth and knowledge sharing.
- Contribute to business development, proposals, and go-to-market initiatives for SOC services.
- Collaborate with other Cyber Competencies (e.g., Cloud Security, Incident Response, OT Security) to deliver integrated client solutions.
Skills and attributes for success
- Proven leadership in SOC build, operate, or transformation projects.
- Strong technical background in SIEM, SOAR, and EDR/XDR platforms, including architecture, rule fine-tuning, and end-to-end use case lifecycle development.
- In-depth understanding of the threat intelligence lifecycle, attacker TTPs, and emerging threats such as APT, ransomware, and insider threats.
- Hands-on knowledge of MITRE ATT&CK, NIST CSF and incident handling best practices.
- Experience in developing SOC playbooks, use cases, KPIs, and SOC operating models.
- Ability to communicate technical/complex cyber risks and threats effectively to both technical and non-technical stakeholders, including senior management.
- Proven experience managing large-scale SOC transformation and threat detection programs across diverse client environments.
- Ability to collaborate with other members of the engagement team to develop the engagement plan, timelines, risk assessments, and other documents/templates.
- Ability to analyze and interpret complex technical results and present insights to business stakeholders.
- Strong analytical, problem-solving, and critical-thinking skills.
- Excellent communication and collaboration skills.
To qualify for the role, you must have
- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or related field.
- 6–10 years of experience in SOC operations, Threat Management, or Cyber Defense, with at least 3 years in a leadership or management role.
- Demonstrated experience leading SOC transformations or large-scale cyber defense programs.
- Strong client management and engagement delivery skills.
- Excellent written and verbal communication skills with executive presence.
- Valid passport and willingness to travel across MENA for client engagements.
Ideally, you’ll also have
- Industry-recognized certifications such as GCIA, GCED, GCIH, GCFA, CISSP, CCSP, or equivalent.
- Familiarity with threat intel feeds (e.g., MISP, Anomali, Recorded Future) and TIP platforms.
- Experience integrating AI/ML use cases into SOC environments (e.g., behavioral/anomaly detection use cases).
- Exposure to SOC-as-a-Service delivery models, hybrid SOC architectures, and MSSP integration.
What we offer
We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
The exceptional EY experience. It’s yours to build.
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.