Head of Information Security (Security Operations)
Job Summary:
The Head of Information Security for Security Operations is responsible for protecting the organization's digital assets by leading the 24/7 Security Operations Center (SOC). This role focuses on the proactive and reactive elements of cybersecurity, including threat intelligence, monitoring, incident response, and digital forensics. The incumbent will build and mentor a team of analysts and engineers to detect, analyze, and respond to cyber threats in real time.
Key Responsibilities:
- Lead and mature the 24/7 Security Operations Center (SOC), including SIEM management, threat hunting, and alert triage.
- Develop and implement the incident response plan, leading the response to major security incidents.
- Oversee vulnerability management programs, including scanning, prioritization, and remediation tracking.
- Manage the Cyber Threat Intelligence program to anticipate and mitigate emerging threats.
- Direct digital forensics and root cause analysis for security breaches.
- Develop and maintain security monitoring use cases and playbooks for SOC analysts.
- Manage key security operations technologies (SIEM, EDR, SOAR, etc.) and vendor relationships.
- Report on security posture, incident metrics, and key risk indicators to the CISO.
Qualifications and Experience:
- 10+ years in information security, with 5+ years in a leadership role within a SOC or incident response team.
- Deep technical knowledge of SIEM platforms, EDR tools, network forensics, and malware analysis.
- Expertise in incident response frameworks (e.g., NIST SP 800-61) and threat intelligence platforms.
- Relevant certifications such as GCIH, GCIA, GCFA, CISSP, or equivalent.