Security Operations Center Team Lead

Role : SOC Team Lead (US Shift 6 :00 PM 3 :00 AM IST).

Location : Kharadi, Pune.

At Smith+Nephew, we design and manufacture technology that takes the limits off living.

As the SOC Team Lead, you will supervise the daily operations of a team focused on monitoring, detecting, and responding to cybersecurity threats.

Acting as the liaison between tactical execution and strategic direction from Information Security leadership, you will also step in for the Global SOC Manager when needed.

This role combines technical expertise and leadership to ensure effective operations, continuous improvement, and the development of junior team members.

You will collaborate with the Global SOC Manager, IT and InfoSec teams, and external partners to drive operational excellence and enhance SOC capabilities, tools, and processes.

The working hours are Monday to Friday (6 :00 PM 3 :00 AM IST).

What will you be doing ?

- Lead day-to-day SOC operations, including shift coordination, alert triage and issue, threat hunting, queue management, task assignment, and shift handovers; ensure continuous 24x7 service delivery through effective scheduling, workload balancing, and collaboration with management.

- Generate and review team performance metrics and contribute to operational reporting and service quality reviews.

- Act as technical lead during high-priority or complex security incidents, overseeing containment, eradication, and recovery efforts.

- Coordinate incident response and forensic activities with internal team members and external partners.

- Ensure alignment to incident response procedures and contribute to continuous process improvement.

- Provide mentorship, technical guidance, and coaching to SOC analysts and responders.

- Lead quality reviews of investigations, threat hunts, and incident documentation; identify skill gaps and support team development through training and knowledge-sharing initiatives.

- Contribute to the refinement and documentation of SOC processes, runbooks, and triage workflows.

- Support tuning and enhancement of detection tools such as SIEM, EDR, and XDR platforms.

- Collaborate with engineering teams to improve alert fidelity, log ingestion, and detection coverage.

- Support for internal and external audit activities such as SOX, ISO27001, ENS, FDA, or other frameworks, as well as reporting and disclosure requirements such as SEC 6K and 20F (including attribution analysis and aggregation analysis) and GDPR or equivalent privacy-related legislation.

- Write comprehensive reports, costed proposals, or other assessment-based findings, outcomes, and propositions for maturity and capability improvements to the security posture of S+N.

What will you need to be successful ?

Education/Licenses/Certification : Bachelor's or Master's degree in a relevant field (such as IT, Cybersecurity, Leadership, or Management) or equivalent experience.

Desirable : CompTIA Security+, GCIA, GCIH, CISSP, CSOM, GIAC, or equivalent.

- Should have a minimum of 8+ years of demonstrable experience in Cybersecurity that must include experience in team leader or management roles, as well as security analyst and/or incident handler.

- The incumbent should be comfortable for working in US Shift(6 :00 PM 3 :00 AM IST).

- Experience with the security aspect of monitoring for threats against networks, operating systems, applications, and database technologies.

- Experience working with SIEM technology, preferably including both monitoring and engineering aspect.

- Strong analytical and problem-solving skills with a diligent approach.

- Solid understanding of MITRE ATT&CK, MITRE D3FEND, NIST CSFv2, and NIST SP800-61r2.

- Solid understanding of SIEM, EDR, and XDR technologies as well as the applied processes of continuous threat detection, proactive threat hunting (PEAK-ABLE), threat intelligence, and security incident response.

- Understanding of API security and AI security concepts (such as NIST AI RMF).

- Familiarity with AWS and Azure cloud technologies, CSPM, and cloud security standards (CSA or equivalent).

- Familiarity with the principles and good practices of digital forensics and the ability to effectively engage with, and assess the quality of work done by, external DFIR partners.

- Excellent written and oral communication skills, service attitude, and analytical approach to problem-solving.

- Ability to work independently without daily direction, balancing conflicting priorities, and optimally supervising and managing task completion to committed deadlines.