This talk explores the practical challenges and solutions of a global car manufacturer's SOC modernization. We'll move beyond theory to examine their use-case driven approach, focusing on Agile Methodology for rapid progress, Threat-Centric Design to guide security, "SOC as Code" for automation, and SOAR Playbooks for incident response. We'll share insights on optimizing log ingestion, building threat profiles, and "shifting left" by integrating security earlier in development. Additionally, we'll discuss organizational restructuring and balancing transformative change with incremental improvements. This session offers valuable lessons for security professionals modernizing their SOC in a large-scale enterprise.