Security Delivery Lead (Ops, Compliance & DLP)

Role Overview

We are hiring a hands-on Security Delivery Lead to manage a lean team of 4 cybersecurity professionals across three key domains:

• Security Operations Engineering
• Vulnerability & Compliance Management
• Insider Threat & Data Loss Prevention (DLP)

This role oversees day-to-day operational security, lifecycle management of key security platforms, and incident response coordination. You will work closely with Infrastructure Delivery, Workplace Delivery, and Service Delivery Managers to ensure that controls are enforced, incidents are resolved, and compliance is maintained.

In addition to operational responsibilities, this role will be critical in planning the future establishment of a centralized Security Operations Center (SOC) and ensuring security tooling remains current, effective, and aligned to evolving threat landscapes.

Key Responsibilities:

Security Operations

• Monitor alerts from SIEM/EDR platforms, triage security events, and coordinate incident response.
• Enforce security controls for endpoint protection, AV, encryption, MDM, and USB lockdown.
• Coordinate with infrastructure and workplace teams to ensure operational security compliance.

Vulnerability & Compliance Management

• Manage vulnerability scanning, CVE tracking, and remediation efforts with IT/app owners.
• Ensure timely patching, close audit observations, and prepare compliance documentation.
• Support internal and external audits, risk assessments, and policy adherence.

Insider Threat & DLP Monitoring

• Monitor and investigate DLP alerts, UEBA signals, and abnormal usage behavior.
• Work with HR, Legal, and business stakeholders on exfiltration and insider threat cases.
• Tune and refine DLP rules to minimize false positives while ensuring effective coverage.

Team Leadership

• Manage a team of 3 cybersecurity professionals across SecOps, Compliance, and DLP.
• Provide technical guidance, task planning, and team mentoring.
• Support hiring, onboarding, and skills development as the security team grows.

Future Readiness – SOC Enablement

• Contribute to planning and requirements for a future Security Operations Center (SOC).
• Define operating model, tooling requirements, escalation processes, and SOC metrics.
• Lead the transition from reactive monitoring to a proactive threat detection and response posture.
• Cross-Functional Collaboration

Work closely with:

• Infrastructure & Workplace Delivery teams for patching, tooling, and endpoint compliance.
• Service Delivery Managers for client security requirements and SLA compliance.
• Reporting & Automation teams to improve telemetry, alert coverage, and dashboards.

Qualifications

• Degree in Information Security, Computer Science, or equivalent
• Preferred certifications: CISSP, CISM, CEH, SC-200, GIAC, OSCP

Experience

• 6+ years in cybersecurity operations and compliance
• At least 1–2 years in a team leadership, technical lead, or SME role
• Proven experience leading version upgrades or replacements of security tools, including planning, rollback strategies, and stakeholder coordination
• Experience working in lean teams with cross-functional coordination
• Experience with SIEM, EDR, DLP, patching, and audit workflows.

Tools & Technologies

• SIEM/EDR: Microsoft Sentinel, Defender for Endpoint, IBM QRadar or equivalent
• Vulnerability & Patch Management: Tenable, Qualys, BigFix, Intune
• DLP & UEBA: Microsoft Purview, Netskope, Forcepoint
• Ticketing & Automation: ServiceNow, SolarWinds, scripting (PowerShell/Bash).