Head of SOC Europe

The Head of the Cybersecurity Operations Center (CSOC) is a strategic and technical leader responsible for overseeing the operations, direction, and continuous improvement of the organization’s global Cybersecurity Operations Center. This role is responsible for ensuring the organization’s cyber defense capabilities remain cutting-edge, resilient, and responsive to emerging threats. The ideal candidate will bring deep expertise in cybersecurity, incident response, threat intelligence, and operational leadership.

What you will do

Strategic Leadership & CSOC Management:
•    Develop and execute the CSOC strategy, ensuring alignment with overall cybersecurity and business objectives.
•    Oversee and manage CSOC operations, including incident response, threat intelligence, and proactive monitoring.
•    Define and refine security monitoring, threat detection, and response strategies to address evolving cyber threats.
•    Continuously assess and improve CSOC processes, tools, and methodologies to enhance efficiency and effectiveness.
•    Lead, mentor, and develop a high-performing CSOC team, ensuring continuous skills development and knowledge sharing.
•    Establish key performance indicators (KPIs) and metrics to measure CSOC effectiveness and drive operational improvements.

Incident Response & Threat Management:
•    Serve as the primary escalation point for major security incidents, overseeing coordination, investigation, containment, and remediation efforts.
•    Collaborate with internal stakeholders and external partners to ensure swift and effective response to cybersecurity threats.
•    Guide post-incident analysis and forensic investigations, ensuring lessons learned are integrated into future strategies.
•    Maintain and enforce incident response procedures, ensuring adherence to regulatory and industry best practices.

Threat Intelligence & Emerging Threats:

• Stay ahead of evolving cyber threats, attack techniques, and emerging security trends.
• Leverage threat intelligence sources to enhance detection capabilities and proactively mitigate risks.
• Work with industry groups, government agencies, and vendors to strengthen the Volvo Group’s cyber defense posture.
• Ensure alignment with frameworks such as MITRE ATT&CK, NIST, and the Cyber Kill Chain to improve threat detection and response.

Collaboration & Compliance:

• Partner with IT, cybersecurity architecture, and compliance teams to ensure CSOC capabilities align with enterprise cybersecurity needs.
• Ensure CSOC operations comply with industry regulations, standards, and best practices (e.g., ISO 27001, NIST, GDPR).
• Communicate cybersecurity risks and CSOC performance to executive leadership, providing insights and recommendations.
• Develop strong relationships with third-party vendors, service providers, and law enforcement as needed.

Who are you?

Do you dream big? We do too, and we are excited to grow together. In this role, you will bring: 

• Education & Experience
• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field (Master’s degree preferred).
• Experience: Minimum 7+ years of cybersecurity experience, with at least 4+ years in a SOC leadership role.
• Certifications: Preferred certifications include CISSP, CISM, CISA, GIAC (GCIA, GCIH, GSEC), or equivalent.

•  
• Technical Expertise
  • Extensive experience in security operations, incident response, digital forensics, and threat intelligence.
  • Strong knowledge of SIEM, EDR, IDS/IPS, SOAR, and other security monitoring technologies.
  • Deep understanding of cybersecurity frameworks, regulations, and best practices.
  • Familiarity with scripting and automation (Python, PowerShell, etc.) to optimize SOC workflows.

Preferred Qualifications: 
•    Strong leadership and team management skills, with the ability to motivate and develop a high-performing SOC team.
•    Excellent problem-solving, analytical, and decision-making capabilities.
•    Ability to communicate complex cybersecurity issues to both technical and non-technical stakeholders.
•    Experience working in a global enterprise environment, managing security operations across multiple regions.
•    A forward-thinking mindset with the ability to anticipate and proactively address security challenges.

Why Join Us?
•    Lead a cutting-edge Cybersecurity Operations Center at the forefront of defending against evolving cyber threats.
•    Work with a highly skilled team in a collaborative and innovative environment.
•    Make a significant impact by shaping and enhancing the organization’s cybersecurity strategy.

As the recruitment period overlaps with the summer holidays, the process may move at a slower pace, and we will resume with full momentum after the holiday period.

“In some countries and for specific positions within Volvo Group Digital & IT, background checks may be required, in accordance with local laws & regulations. If this is applicable to the role you have applied for, you will be informed.”

Union representatives for Swedish applicants:

Akademikerna – Mikael Johansson, +46 73 902 34 30
Unionen – Lajla Dahlsjö, +46 31 322 45 75
Ledarna – Carina Sachade, +46 73 902 40 83