- Lead the Security Operations Center (SOC) and oversee daily security monitoring and incident response activities.
- Develop, implement, and maintain security policies, procedures, and standards to protect organizational assets.
- Conduct risk assessments and vulnerability analyses to identify security gaps and recommend mitigation strategies.
- Respond promptly to security incidents, including investigation, containment, and remediation.
- Collaborate with IT, engineering, and compliance teams to ensure secure deployment and operation of systems.
- Monitor security alerts, analyze threats, and provide actionable insights to leadership.
- Manage security tools, including firewalls, SIEM (Security Information and Event Management), endpoint protection, and intrusion detection/prevention systems.
- Stay up to date with emerging threats, security trends, and regulatory requirements to ensure compliance.
- Provide training, guidance, and mentoring to security operations team members.

- 12+ years of experience in cybersecurity, with a focus on security operations, threat detection, and incident response.
- Strong understanding of cybersecurity frameworks (e.g., NIST, ISO 27001, CIS Controls) and compliance standards (e.g., HIPAA, GDPR, SOX).
- Expertise with SOC operations, SIEM platforms, endpoint protection, intrusion detection systems, firewalls, and network security tools.
- Proven experience managing security incidents, investigations, and response plans.
- Knowledge of cloud security best practices and technologies (AWS, Azure, or Google Cloud).
- Excellent analytical, problem-solving, and decision-making skills.
- Strong leadership and team management abilities, including mentoring and developing staff.
- Effective communication skills for conveying complex security concepts to technical and non-technical stakeholders.
- Relevant certifications such as CISSP, CISM, CISA, or GIAC are highly desirable.