Cybersecurity Operation Lead

Position Summary:

We are seeking an experienced Cybersecurity Operations Lead to oversee mission-critical security operations in a 24×7 environment. This role is responsible for threat monitoring, incident response, vulnerability management, and ensuring compliance with IM8 governance standards. You will lead a team of cybersecurity engineers, manage security infrastructure, and drive continuous improvement in operational security practices.

Responsibilities:

Threat Monitoring & Incident Response

• Oversee day-to-day security monitoring using SIEM and endpoint protection tools.

• Lead incident response, containment, eradication, and root cause analysis for cybersecurity events.

• Ensure clear incident classification, escalation workflows, and communication protocols.

Vulnerability & Patch Management

• Lead vulnerability assessments and penetration testing programs.

• Manage remediation of vulnerabilities across servers, network devices, middleware, and containers.

• Ensure timely patching cycles across all environments.

Security Infrastructure & System Hardening

• Implement, configure, and maintain security technologies (firewalls, IDS/IPS, HSM, PAM).

• Oversee OS, application, and network hardening (RHEL, Windows Server, Kubernetes).

• Review and approve security architecture designs for new components and projects.

Privileged Access Management

• Govern privileged access across Active Directory domains.

• Ensure segregation of duties, emergency access procedures, and periodic access reviews.

Governance & Compliance

• Enforce compliance with IM8 cybersecurity policies and standards.

• Drive audit readiness, maintain risk registers, and track remediation progress.

Team Leadership

• Liaise with cross function teams

• Ensure clear documentation, SOPs, and knowledge transfer for all security activities.

• Drive continuous training and certification for team members.

Requirements:

• Bachelor’s degree in Information Security, Computer Science, Engineering, or related discipline.

• Minimum 5 years of proven experience in cybersecurity or information security roles supporting mission-critical operations in the public sector is highly preferred.

• Strong competency in operating system security (RHEL, Windows Server), network security, and Kubernetes security.

• Hands-on experience with two or more tools such as SIEM (LogRhythm), Vulnerability Scanner (Nessus), IAM/PAM (BeyondTrust/CyberArk), HSM, TLS/PKI, Firewalls (Check Point, Palo Alto), IDS/IPS is a must.

• CISSP, CISM, CEH or equivalent preferred.

• Security principles (CIA, defense in depth, least privilege).

• Networking and OS fundamentals.

• Identity & Access Management, cryptography basics.

• Application security fundamentals (OWASP Top 10, secure coding principles).

• Incident response and IM8 compliance knowledge is a must.

• Strong composure under pressure and ability to lead during incidents.

• Excellent communication skills (written and spoken).

• High integrity, attention to detail, and accountability.

• Proactive, collaborative, and able to manage cross-functional coordination.