Lead Cyber Security

Job Summary We are seeking an experienced cybersecurity lead to oversee and strengthen our organization's security posture. The ideal candidate will be responsible for developing security strategies, managing security operations, identifying vulnerabilities, ensuring compliance, and leading incident response activities to protect critical business assets and data. Key Responsibilities Develop, implement, and maintain enterprise-wide cybersecurity policies, standards, and procedures. Lead security operations, monitoring, threat detection, and incident response activities. Conduct security risk assessments, vulnerability assessments, and penetration testing reviews. Manage Security Information and Event Management (SIEM) tools and security monitoring solutions. Collaborate with IT, infrastructure, cloud, and development teams to implement security best practices. Ensure compliance with industry standards and regulatory requirements such as ISO 27001, NIST, PCI-DSS, GDPR, and SOC 2. Investigate security incidents and coordinate remediation efforts. Lead security awareness training programs for employees. Evaluate and recommend security technologies, tools, and solutions. Manage third-party security assessments and vendor risk management. Prepare and present security reports, metrics, and recommendations to management. Required Skills & Qualifications Technical Skills Strong knowledge of network security, endpoint security, and cloud security. Experience with SIEM tools such as Splunk, QRadar, Sentinel, or ArcSight. Knowledge of Firewalls, IDS/IPS, VPN, WAF, and EDR/XDR solutions. Hands-on experience with vulnerability management tools such as Nessus, Qualys, or Rapid7. Understanding of Security Frameworks (NIST, CIS Controls, ISO 27001). Experience with AWS, Azure, or Google Cloud security. Knowledge of Identity and Access Management (IAM), MFA, and Privileged Access Management (PAM). Familiarity with scripting languages such as Python, PowerShell, or Bash.

Cybersecurity Leadership, Enterprise Security Architecture, Infrastructure Security, Cyber Risk Management, Security Governance, Identity & Access Management, Network & Cloud Security, Threat Detection & Incident Response, Vulnerability Management, CISSP, CISM, CCSP, GIAC, CASP+.