Position Overview:
- We are seeking a seasoned Offshore Cybersecurity Manager to lead and optimize end-to-end Security Operations Center (SOC) functions for a major US Healthcare provider. This role is a critical blend of technical orchestration, Cybersecurity Service Delivery, and People Leadership.
- You will be responsible for the 24/7 operational readiness of the offshore team, ensuring that patient data (PHI) is protected around the clock. This includes everything from the granular management of shift rosters to high-stakes leadership during emergency cyber incidents.
Core Responsibilities:
- SOC Leadership & Team Management
- People Development: Lead, mentor, and conduct performance evaluations for a multi-tiered team of SOC analysts (L1, L2, L3). Foster a culture of continuous learning and technical excellence.
- Shift Roster Preparation: Design and manage 24/7/365 shift rotations, ensuring seamless handovers between time zones. Account for peak traffic periods, planned leaves, and Follow-the-Sun support models.
- Capacity Planning: Monitor team utilization and burnout levels, ensuring the SOC is adequately staffed to handle alert volumes without compromising quality.
- Emergency Response & Incident Command
- Crisis Leadership: Act as the Incident Commander during major security events (e.g., Ransomware, Data Breaches). Lead the offshore response and coordinate with US-based stakeholders until resolution.
- Emergency Escalation: Define and execute Critical Path communication protocols to ensure hospital leadership is notified immediately during high-impact outages or threats.
- Post-Mortem Orchestration: Lead Root Cause Analysis (RCA) sessions after major incidents to improve detection logic and response playbooks.
- Service Delivery & Client Interaction
- SLA/KPI Governance: Take full ownership of contractual obligations. Monitor Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR), specifically for high-priority healthcare environments.
- Executive Presence: Represent the offshore SOC in Weekly/Monthly Business Reviews (WBR/MBR). Translate technical telemetry into business risk and clinical impact reports for US hospital executives.
- Vendor & Tool Optimization: Manage relationships with security vendors and ensure tools like MS Sentinel and CrowdStrike are delivering maximum ROI.
Required Technical Skills & Qualifications:
- Frameworks: Expert knowledge of NIST CSF, MITRE ATT&CK, and HIPAA/HITECH compliance.
- Tooling: Mastery of Microsoft Sentinel (KQL, Workbook creation), CrowdStrike Falcon, and Proofpoint.
- Defense Strategy: Practical experience in Purple Teaming, Threat Hunting, and Next-Gen SIEM automation.
- Log Integration: Proven ability to onboard diverse telemetry from Firewalls, Cloud (Azure), and Medical IoT devices.
Professional Attributes:
- Resilience: Ability to remain calm and decisive during high-pressure emergency War Room scenarios.
- Communication: Flawless English communication skills; able to bridge the gap between offshore technical teams and US-based executive leadership.
- Strategic Vision: Ability to evolve the SOC from a reactive monitoring unit to a proactive threat-informed defense center.
