Job Summary
The Cyber Monitoring Platform Manager is responsible for the end-to-end ownership, strategy, and operational excellence of cyber monitoring platforms supporting the Cyber Defense Operations Center (CDOC).
This role provides senior technical leadership over SIEM, XDR, and SOAR platforms, with a transversal view across all cyber defense services (monitoring, detection, investigation, response, and threat hunting).
The Platform Manager leads and guides Senior Cyber Monitoring Platform Engineers, ensuring platforms are resilient, scalable, secure, cost-efficient, and aligned with SOC operational needs and the evolving threat landscape.
The role acts as a key interface between SOC operations, detection engineering, incident response (CSIRT), threat intelligence, IT/cloud teams, and external partners (e.g. MSSP).
Key Responsibilities
Platform Ownership & Strategy
- Own the cyber monitoring platform service (SIEM/XDR/SOAR) from strategy to operations.
- Define and maintain the platform roadmap, aligned with cyber defense and CDOC objectives.
- Evaluate AI use cases that can drive efficiency, automation, or competitive advantage based on Microsoft Security Copilot and Microsoft Copilot.
- Ensure platforms effectively enable SOC services across on-prem, cloud, and hybrid environments.
- Act as service owner for availability, performance, reliability, and cost management.
Technical Leadership & Governance
- Provide technical leadership and direction to Senior Cyber Monitoring Platform Engineers.
- Define and enforce architecture standards, design principles, and best practices.
- Validate key technical decisions related to platform evolution, integrations, and tooling.
- Ensure consistent governance across production and nonproduction environments.
Cyber Defense Operations Enablement (Transversal Role)
- Serve as a bridge between platform engineering and SOC operations (L1/L2/L3).
- Ensure platform capabilities align with the needs of:
  - SOC Analysts / CSIRT
  - Detection Engineers
  - Threat Intelligence
- Support detection lifecycle management and MITRE ATT&CK–aligned monitoring strategies.
- Enable advanced investigations and cross-platform visibility.
Microsoft Security Platform Oversight
- Oversee architecture, integration, and evolution of the Microsoft security ecosystem, including:
  - Microsoft Sentinel (SIEM & SOAR)
  - Microsoft Defender XDR
  - Microsoft Security Copilot
- Ensure efficient data ingestion, correlation, and XDR-driven investigations.
- Drive adoption of automation and AI-assisted security capabilities.
Operational Excellence & Reliability
- Ensure high availability, resilience, and performance of cyber monitoring platforms.
- Oversee capacity planning, data retention, and cost optimization.
- Lead major platform incidents, root cause analysis, and continuous improvement actions.
- Define and monitor platform KPIs and service performance indicators.
Automation & DevSecOps
- Drive Infrastructure as Code (IaC) and DevSecOps practices across cyber monitoring platforms.
- Promote automation for deployment, configuration, detection lifecycle, and SOAR workflows.
- Ensure CI/CD, version control, and change management are embedded into operations.
Stakeholder & Partner Management
- Act as the primary platform contact for internal stakeholders (SOC, IT, Cloud, Risk).
- Coordinate with external partners and MSSPs for platform integration and service delivery.
- Contribute to technology evaluations and vendor management.
Required Skills & Experience
Technical & Security Expertise
- Strong expertise in SIEM/XDR platforms, ideally within the Microsoft security ecosystem.
- Deep understanding of SOC operations, cyber monitoring workflows, and detection engineering.
- Solid knowledge of cloud and hybrid security architectures (Azure).
- Strong familiarity with MITRE ATT&CK and threat detection strategies.
Leadership & Professional Skills
- Proven experience leading senior platform engineers.
- Ability to operate with a transversal, enterprise-wide perspective.
- Effective communication skills with technical and nontechnical stakeholders.
- Structured, proactive, and service-oriented mindset.
Experience & Education
- Considerable experience in Cyber Monitoring, SOC Platform Engineering, or Cyber Defense leadership roles.
- Hands-on background with Microsoft Sentinel, Defender XDR, and cloud security platforms.
- Degree in Cybersecurity, Computer Science, Engineering, or equivalent experience.
- Relevant Microsoft security certifications are a strong advantage.
At Stellantis, we assess candidates based on qualifications, merit and business needs. We welcome applications from people of all gender identities, age, ethnicity, nationality, religion, sexual orientation and disability. Diverse teams will allow us to better meet the evolving needs of our customers and care for our future.