Job Title

Technical Manager – SOCWork Experience: 13 to 18 YearsWork Timing: US work timing (Should be flexible as per the need)Work Location: Chennai – Work from officeCore Responsibilities:1. SOC Leadership & Team Management• People Development: Lead, mentor, and conduct performance evaluations for a multi- tiered team of SOC analysts (L1, L2, L3). Foster a culture of continuous learning and technical excellence.• Shift Roster Preparation: Design and manage 24/7/365 shift rotations, ensuring seamless handovers between time zones. Account for peak traffic periods, planned leaves, and /"Follow-the-Sun/" support models.• Capacity Planning: Monitor team utilization and burnout levels, ensuring the SOC is adequately staffed to handle alert volumes without compromising quality.2. Emergency Response & Incident Command• Crisis Leadership: Act as the Incident Commander during major security events (e.g., Ransomware, Data Breaches). Lead the offshore response and coordinate with US- based stakeholders until resolution.• Emergency Escalation: Define and execute /"Critical Path/" communication protocols to ensure hospital leadership is notified immediately during high-impact outages or threats.• Post-Mortem Orchestration: Lead Root Cause Analysis (RCA) sessions after major incidents to improve detection logic and response playbooks.3. Service Delivery & Client Interaction• SLA/KPI Governance: Take full ownership of contractual obligations. Monitor /"Mean Time to Detect/" (MTTD) and /"Mean Time to Respond/" (MTTR), specifically for high- priority healthcare environments.• Executive Presence: Represent the offshore SOC in Weekly/Monthly Business Reviews (WBR/MBR). Translate technical telemetry into business risk and clinical impact reports for US hospital executives.• Vendor & Tool Optimization: Manage relationships with security vendors and ensure tools like MS Sentinel and CrowdStrike are delivering maximum ROI.Required Technical Skills & Qualifications:• Frameworks: Expert knowledge of NIST CSF, MITRE ATTCCK, and HIPAA/HITECH compliance.• Tooling: Mastery of Microsoft Sentinel (KQL, Workbook creation), CrowdStrike Falcon, and Proofpoint.• Defence Strategy: Practical experience in Purple Teaming, Threat Hunting, and Next-Gen SIEM automation.• Log Integration: Proven ability to onboard diverse telemetry from Firewalls, Cloud (Azure), and Medical IoT devices.Professional Attributes:• Resilience: Ability to remain calm and decisive during high-pressure emergency /"War Room/" scenarios.• Communication: Flawless English communication skills; able to bridge the gap between offshore technical teams and US-based executive leadership.• Strategic Vision: Ability to evolve the SOC from a re ctive monitoring unit to a proactive threat-informed defence centre.