Hard to get right but I found this helpful

https://www.first.org/resources/papers/conf2019/Public__SOC-Metrics-for-FIRST-v07-002-.pdf

https://www.first.org/resources/papers/metrics-sig/SOC-Metrics-Webinar-for-FIRST-Metrics-SIG-v08a.pdf

"The Role of KPIs in Incident Response"

https://www.darkreading.com/vulnerabilities-threats/the-role-of-kpis-in-incident-response

Jon Hencinski's take on SOC metrics is well worth reading.

https://expel.com/blog/performance-metrics-measuring-soc-efficiency/

https://expel.com/blog/performance-metrics-keeping-things-under-control/

https://expel.com/blog/performance-metrics-part-3-success-stories/

https://expel.com/blog/how-to-measure-soc-quality/

This blogpost from Red Canary's Joe Mole's is good

https://redcanary.com/blog/measuring-reporting-security-operations-program/

Rapid7's take on measuring detection efficacy

https://www.rapid7.com/blog/post/2020/05/15/moving-toward-a-better-signature-metric-in-socs-detection-efficacy/