Cyber Security Tower Lead

Experience/Role:
Responsible for the day-to-day operations of the Cyber Security team and the Enterprise Infrastructure security tools like Firewalls, email security etc., security event monitoring systems, malware detection and enterprise-level antivirus solutions/systems, IAM/PAM & GRC.

• Must have 15+ years experience in multiple Cybersecurity technologies and products.
• Should possess broad knowledge of current security practices as well as the ability to understand key trends in security space
• Should supervise a team of very experienced information security staff consisting of full-time employees, part-time employees, and contractors.
• Should help clients define and deploy effective security solutions and strategies while addressing ever-changing regulatory and industry compliance challenges.
• Should be able to collaborate with a variety of technical and business personnel.
• Should be comfortable working with customer senior managers to drive the information security agenda.
• Manage security budget including planning, allocation of resources for various security initiatives, ensuring that the organization invests in the right security technologies and solutions.
• As a leader, the Security Lead must guide and mentor the security team. This involves setting clear goals, providing regular feedback, and ensuring that the team has the necessary skills and resources to perform their duties effectively. Strong leadership is crucial for maintaining a motivated and efficient security team
• Participate in updating and developing technology roadmaps associated with deployed services;
• Should possess knowledge on key tools and technologies in Identity and Access Management space primarily on IGA, Access Mgmt, SSO, MFA and PAM tools

Knowledge & Skills:

• Cybersecurity Fundamentals: Deep understanding of cybersecurity principles, best practices, common threats and vulnerabilities.
• Network Security: Proficiency in firewalls, VPNs, IDS/IPS, network monitoring, and common networking protocols (TCP/IP, DNS, DHCP).
  Application Security: Understanding of secure coding practices and application security.
• Vulnerability Management: Experience with vulnerability assessment, penetration testing tools, and methodologie.
• Cloud Security: Familiarity with securing cloud-based infrastructure and services.
  Compliance: Knowledge of regulations like GDPR, HIPAA, PCI DSS, and implementing security controls.
• Security Tools: Proficiency with SIEM, endpoint protection, IDS, vulnerability scanners.
• Security Frameworks: Understanding of NIST Cybersecurity Framework, ISO 27001, or CIS Controls.
• Desirable Certifications: CISSP, CEH, CISM, CCSP, or GIAC.