Cybersecurity Operation Lead

We are seeking an experienced Cybersecurity Operations Lead to oversee mission‑critical security operations in a 24 × 7 environment. This role is responsible for threat monitoring, incident response, vulnerability management, and ensuring compliance with IM8 governance standards. You will lead a team of cybersecurity engineers, manage security infrastructure, and drive continuous improvement in operational security practices.

• Oversee day-to-day security monitoring using SIEM and endpoint protection tools.
• Lead incident response, containment, eradication, and root cause analysis for cybersecurity events.
• Ensure clear incident classification, escalation workflows, and communication protocols.

• Lead vulnerability assessments and penetration testing programs.
• Manage remediation of vulnerabilities across servers, network devices, middleware, and containers.
• Ensure timely patching cycles across all environments.

• Implement, configure, and maintain security technologies (firewalls, IDS/IPS, HSM, PAM).
• Oversee OS, application, and network hardening (RHEL, Windows Server, Kubernetes).
• Review and approve security architecture designs for new components and projects.

• Govern privileged access across Active Directory domains.
• Ensure segregation of duties, emergency access procedures, and periodic access reviews.

• Enforce compliance with IM8 cybersecurity policies and standards.
• Drive audit readiness, maintain risk registers, and track remediation progress.

• Liaise with cross‑function teams.
• Ensure clear documentation, SOPs, and knowledge transfer for all security activities.
• Drive continuous training and certification for team members.

• Bachelor’s degree in Information Security, Computer Science, Engineering, or related discipline.
• Minimum 5 years of proven experience in cybersecurity or information security roles supporting mission‑critical operations, preferably in the public sector.
• Strong competency in operating system security (RHEL, Windows Server), network security, and Kubernetes security.
• Hands‑on experience with two or more tools such as SIEM (LogRhythm), Vulnerability Scanner (Nessus), IAM/PAM (BeyondTrust/CyberArk), HSM, TLS/PKI, Firewalls (Check Point, Palo Alto), IDS/IPS is a must.
• CISSP, CISM, CEH or equivalent preferred.
• Security principles (CIA, defense in depth, least privilege).
• Networking and OS fundamentals.
• Identity & Access Management, cryptography basics.
• Application security fundamentals (OWASP Top 10, secure coding principles).
• Incident response and IM8 compliance knowledge.
• Strong composure under pressure and ability to lead during incidents.
• Excellent communication skills (written and spoken).
• High integrity, attention to detail, and accountability.
• Proactive, collaborative, and able to manage cross‑functional coordination.