Cybersecurity and Lead

Lead and oversee the Security Operations Center (SOC) to ensure effective monitoring, detection, and response to cyber threats. 

• Manage and mentor the cybersecurity team, providing direction and professional development. 

• Develop and implement cybersecurity strategies to protect the organization from evolving threats. 

• Develop cyber risk management strategies, including risk assessments, security controls, and remediation plans. 

• Manage security incidents and forensic investigations, ensuring timely resolution and post-incident analysis. 

• Oversee vulnerability management, penetration testing, and threat intelligence initiatives to proactively identify and mitigate security risks. 

• Establish, enforce, and continuously improve security policies, standards, and best practices in alignment with industry frameworks (ISO 27001, NIST, PCI-DSS, SOC2, RMiT) and regulatory requirements. 

• Collaborate with engineering and IT teams to ensure secure system architecture and implementation.

• Manage security tools and technologies, including SIEM, IDS/IPS, endpoint security, firewalls, and cloud security solutions. 

• Drive security automation and orchestration initiatives to enhance efficiency in cybersecurity operations. 

• Conduct security awareness training and provide guidance to employees on cybersecurity best practices. 

• Serve as the cybersecurity liaison for executive leadership, providing insights, reporting, and strategic recommendations. 

• Liaise with external vendors, auditors, and regulators to assess security effectiveness and maintain compliance. 

• Stay updated on emerging security threats, trends, and technologies to continuously enhance the organization’s defense mechanisms.

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. 

• 10+ years of experience in cybersecurity operations, including at least 5 years in a managerial role. 

• Proven expertise in leading security operations, risk management, and compliance programs. 

• Strong understanding of cloud security, network security, endpoint security, and modern cybersecurity frameworks. 

• Hands-on experience with SIEM, IDS/IPS, EDR, DLP, and threat intelligence platforms. 

• In-depth knowledge of cyber risk management methodologies, incident response frameworks, forensic investigations, and malware analysis. 

• Familiarity with security standards and compliance requirements, including ISO 27001, NIST, PCI-DSS, SOC2, PDPA, and RMiT. 

• Experience with cloud security frameworks for AWS, Azure, and Google Cloud. 

• Strong analytical, problem-solving, and decision-making skills. 

• Excellent communication and stakeholder management skills. 

• Relevant cybersecurity certifications such as CISSP, CISM, CISA, GIAC, CCSP, or equivalent are highly preferred