Cyber Security Lead

Job Summary:

We are seeking an experienced and highly skilled Cyber Security Expert with over 10 years of experience in designing, implementing, and managing security strategies to protect critical IT systems and data. The ideal candidate will possess deep expertise in threat management, security architecture, governance frameworks, incident response, and compliance across cloud and on-premise environments.

Key Responsibilities:

Strategic Planning and Leadership:

• Develop and drive organization-wide cybersecurity strategy aligned with business goals.
• Lead risk assessments, threat modelling, and security architecture reviews.
• Advise executive leadership and stakeholders on security posture and emerging threats.

Security Operations:

• Oversee Security Operations Centre (SOC), threat intelligence, and incident response functions.
• Define and enforce security monitoring, detection, and response processes.
• Conduct root cause analysis and post-incident reviews to continuously improve security defences.

Infrastructure and Application Security:

• Implement and manage next-gen firewalls, IDS/IPS, endpoint protection, SIEM, DDoS and DLP systems.
• Collaborate with DevOps and development teams to integrate security into SDLC (Dev-Sec-Ops).
• Ensure secure configurations for servers, networks, databases, and applications.

Governance, Risk, and Compliance:

• Establish and maintain security policies, standards, and procedures.
• Lead compliance efforts for frameworks such as ISO 27001, NIST, GDPR, HIPAA, or SOC 2.
• Manage internal and external security audits and ensure timely remediation.

Cloud and Identity Security:

• Define and enforce IAM and privileged access strategies (Okta, Azure AD, AWS IAM, GCP IAM etc.).
• Secure multi-cloud environments (AWS, Azure, GCP) including IaaS, PaaS, and SaaS.
• Implement zero-trust architecture and SASE models where applicable.

Team Leadership and Mentorship:

• Manage and mentor security analysts and engineers.
• Develop and deliver security awareness programs and technical training.

Required Skills and Qualifications:

• Bachelor’s or Master’s in Computer Science, Information Security, or related field.
• 10+ years of experience in IT security, with increasing responsibilities.
• Strong knowledge of:
  • Network and endpoint security
  • Security architecture and engineering
  • Vulnerability management and penetration testing
  • Security tools: SIEM (Splunk/QRadar/Logsign), EDR, SOAR, DLP, IDS/IPS, DDoS
  • Risk assessment and threat modelling methodologies
• Experience with regulatory compliance (ISO 27001, NIST, PCI-DSS, HIPAA, etc.)
• Hands-on experience with cloud platforms (AWS, Azure, GCP)

Certifications (Preferred):

• CISSP – Certified Information Systems Security Professional
• CISM – Certified Information Security Manager
• CEH – Certified Ethical Hacker
• OSCP – Offensive Security Certified Professional
• AWS/Azure Security Specialty Certification

Soft Skills:

• Excellent communication and presentation skills for executive and technical audiences.
• Leadership and decision-making in high-pressure situations.
• Strong documentation, policy writing, and analytical skills.
• Ability to influence cross-functional teams and promote a security-first culture.