Head of Cybersecurity

Head of Cybersecurity

Role Overview

The Head of Cybersecurity is responsible for leading and enhancing enterprise cybersecurity services within a shared services or multi-business environment. This role oversees security operations, engineering, governance, and incident response initiatives to strengthen the organization’s overall security posture across infrastructure, networks, cloud environments, and operational platforms.

Reporting to the Head of Technology Services, this position requires extensive experience in managed security services, enterprise cybersecurity operations, and regional stakeholder management. The role also involves driving service maturity, improving operational processes, and leading cybersecurity teams supporting multiple business units.

Key Responsibilities

Security Architecture & Strategy

Lead the development and enhancement of cybersecurity services supporting enterprise systems, networks, and cloud environments.

Design and implement security architecture frameworks aligned with business and operational requirements.

Develop risk and threat assessment methodologies to identify security gaps and define remediation strategies.

Drive the implementation and improvement of security controls across infrastructure and cloud platforms.

Security Engineering & Tooling

Oversee deployment, configuration, and operational management of cybersecurity technologies such as SIEM, SOAR, endpoint protection, identity and access management, vulnerability management, and cloud security tools.

Enhance operational processes to improve detection accuracy, system reliability, and response effectiveness.

Ensure security monitoring, threat intelligence, and operational workflows are integrated effectively across services.

Lead operational engineering activities including alert triage support, rule tuning, system health monitoring, and troubleshooting.

Maintain security documentation, operational procedures, playbooks, and technical standards.

Customize operational security processes to align with varying business and technology environments.

Security Operations & Incident Response

Lead and coordinate incident response activities, including investigation, containment, eradication, and recovery efforts.

Support continuous improvement of incident response processes and testing activities.

Conduct post-incident reviews and ensure corrective actions are implemented to reduce recurrence risks.

Collaborate with technical teams and stakeholders to ensure timely and effective security operations support.

Governance, Risk & Compliance

Develop and enhance cybersecurity risk assessment frameworks and governance processes.

Strengthen vendor and third-party security assessment capabilities.

Support security awareness and compliance initiatives across the organization.

Develop metrics and reporting mechanisms to provide visibility into cybersecurity posture and operational effectiveness for leadership stakeholders.

Ensure alignment with industry standards, compliance requirements, and security frameworks.

Leadership & Service Management

Partner with business and technology leaders to align cybersecurity services with organizational needs and strategic priorities.

Lead and develop teams responsible for delivering managed security services and operational support.

Drive continuous improvement of cybersecurity capabilities, service maturity, and operational efficiency.

Manage operational planning, resource allocation, and service performance across cybersecurity functions.

Qualifications

Required

Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Minimum of 10 years of experience in information security, including operational, engineering, and governance responsibilities.

Strong hands-on experience implementing and managing security controls across enterprise infrastructure and cloud platforms.

Experience managing cybersecurity operations within managed services and/or enterprise environments.

Expertise in security tooling, detection engineering, monitoring, and incident response processes.

Experience reviewing and managing network security controls, firewall policies, and access management practices.

Familiarity with automation and scripting for security operations improvement (e.g., Python, PowerShell).

Strong knowledge of security frameworks and standards such as NIST, ISO 27001, CIS Controls, and MITRE ATT&CK.

Strong documentation, stakeholder management, and communication skills.

Experience working within regional or global operational environments.

Preferred

Professional certifications such as CISSP, CISM, CCSP, GIAC, or equivalent.

Cloud security certifications related to Azure, AWS, or Google Cloud platforms.

Key Competencies

• Cybersecurity leadership and strategy
• Security architecture and engineering
• Incident response and threat management
• Governance, risk, and compliance oversight
• Stakeholder and team management
• Operational excellence and continuous improvement
• Analytical thinking and problem-solving