Head of Cyber Security Operations

Description

The Head of Cyber Security Operations is the technical authority responsible for the hardening and defense of the organization’s digital trust infrastructure. This role ensures that security policies—including the Information Security Policy (ISP) and the Certificate Policy/Certification Practice Statement (CP/CPS)—are translated into effective, auditable technical controls.

As the Incident Manager and Security Gatekeeper, the incumbent provides the technical oversight necessary to protect the integrity of the Certification Authority (CA), Time Stamping Authority (TSA) and Digital Signature platforms. This is a foundational leadership role tasked with building the Cyber Security Operations Department (CSOD) and ensuring constant readiness for high-stakes regulatory audits.

Responsibilities

1. Security Policy Implementation & Control Governance

• Technical Translation: Lead the implementation of security controls as mandated by the ISP and CP/CPS. Ensure all technical configurations across the network and systems align with corporate governance.
• Control Validation: Regularly verify that security controls are functioning as intended, bridging the gap between high-level policy and "boots on the ground" technical execution.
• Intelligence Integration: Analyze external threat data and emerging vulnerabilities relevant to the CA industry and PKI infrastructure.
• Threat Hunting: Utilize Sophos EDR telemetry and intelligence feeds to proactively hunt for indicators of compromise (IoC) and dormant risks.
• Vulnerability Governance: Direct the vulnerability management lifecycle, prioritizing remediation schedules based on risk intelligence.

3. Security Monitoring & Audit Trail Oversight

• Independent Log Review: Conduct recurring reviews of system audit trails and application logs to identify unauthorized activities or anomalies.
• Physical Surveillance Review: Perform periodic reviews of CCTV footage and Biometric/Door Access reports to detect tailgating or unauthorized entry into secure zones (Data Center/Vault).
• Functional Oversight of NOC: Provide "dotted-line" directives to the NOC (under ICT Operations) regarding security‑specific monitoring thresholds and log retention requirements.

4. Access Authority & Gatekeeping

• Master ACL Ownership: Serve as the sole approving authority for the Master Access Control List (ACL), authorizing all physical and logical access requests.
• Privileged Identity Management: Enforce the "Principle of Least Privilege," conducting rigorous monthly audits of all administrative and "Trusted Person" accounts.
• Incident Manager (Technical Lead): Lead the tactical response during security events, coordinating containment, forensic investigation, and eradication.
• Crisis Coordination: Provide technical briefings to the Incident Commander (COO) and collaborate with BCM/DR Coordinators to ensure operational resilience.

6. Trust Operations & Audit Defense

• Security Witness: Act as the official Security Witness during Key Ceremonies and cryptographic rituals, ensuring strict adherence to security protocols.
• Auditee Lead: Serve as the primary technical auditee for internal and external audits (WebTrust, ISO 27001, etc.), defending the effectiveness of security controls.

Qualifications

Bachelor’s (Master’s preferred) in Cybersecurity, Computer Science, Information Technology, Information Security Management or a related field.

Work Experience

6–12 years in IT/Security, with 5+ years in active Incident Response/SecOps and 2+ years in a leadership capacity. Prior experience in a CA, Bank, or highly regulated tech environment is essential.

Certificates & Knowledges

• Certifications (Advantageous): GCIH (highly preferred for Incident Manager role), CISSP, CISM, or CISA. Any specialized PKI training is a significant advantage.
• Compliance: Deep familiarity with ISO 27001, ISO 22301, and NIST frameworks.
• Vetting: Must pass stringent background checks due to the sensitivity of the Certification Authority (CA) environment.

#J-18808-Ljbffr

Category

Management & Operations

Sub Category

Operations & Business Administration

Remote Job

no