Technical Manager SOC
Work Experience: 13 to 18 Years
Work Timing: US work timing (Should be flexible as per the need)
Work Location: Chennai Work from office
We are seeking a seasoned Offshore Cybersecurity Manager to lead and optimize end-to-end Security Operations Center (SOC) functions for a major US healthcare provider. This role is a critical blend of technical orchestration, cybersecurity service delivery and people leadership.
You will be responsible for the 24/7 operational readiness of the offshore team, ensuring that patient data (PHI) is protected around the clock. This includes everything from the granular management of shift rosters to high-stakes leadership during emergency cyber incidents.
Core Responsibilities:
1. SOC Leadership & Team Management
People Development: Lead, mentor and conduct performance evaluations for a multi-tiered team of SOC analysts (L1, L2, L3). Foster a culture of continuous learning and technical excellence.
Shift Roster Preparation: Design and manage 24/7/365 shift rotations, ensuring seamless handovers between time zones. Account for peak traffic periods, planned leaves and Follow-the-Sun support models.
Capacity Planning: Monitor team utilization and burnout levels, ensuring the SOC is adequately staffed to handle alert volumes without compromising quality.
2. Emergency Response & Incident Command
Crisis Leadership: Act as the Incident Commander during major security events (e.g. ransomware, data breaches). Lead the offshore response and coordinate with US-based stakeholders until resolution.
Emergency Escalation: Define and execute critical-path communication protocols to ensure hospital leadership is notified immediately during high-impact outages or threats.
Post-Mortem Orchestration: Lead Root Cause Analysis (RCA) sessions after major incidents to improve detection logic and response playbooks.
3. Service Delivery & Client Interaction
SLA/KPI Governance: Take full ownership of contractual obligations. Monitor Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), specifically for high-priority healthcare environments.
Executive Presence: Represent the offshore SOC in Weekly/Monthly Business Reviews (WBR/MBR). Translate technical telemetry into business risk and clinical impact reports for US hospital executives.
Vendor & Tool Optimization: Manage relationships with security vendors and ensure tools like MS Sentinel and CrowdStrike are delivering maximum ROI.
Required Technical Skills & Qualifications:
Frameworks: Expert knowledge of NIST CSF, MITRE ATT&CK and HIPAA/HITECH compliance.
Tooling: Mastery of Microsoft Sentinel (KQL, Workbook creation), CrowdStrike Falcon and Proofpoint.
Defence Strategy: Practical experience in Purple Teaming, Threat Hunting and Next-Gen SIEM automation.
Log Integration: Proven ability to onboard diverse telemetry from firewalls, cloud (Azure) and medical IoT devices.
Professional Attributes:
Resilience: Ability to remain calm and decisive during high-pressure emergency War Room scenarios.
Communication: Flawless English communication skills; able to bridge the gap between offshore technical teams and US-based executive leadership.
Strategic Vision: Ability to evolve the SOC from a reactive monitoring unit to a proactive, threat-informed defence centre.