1. Security Strategy & Governance
- Define, implement, and enforce security controls across infrastructure, endpoints, and internal systems.
- Ensure alignment with ISO 27001, SOC 2, and NIST frameworks.
- Support audits, compliance, and internal governance processes.
2. Technical Security Operations
- Lead the Security Operations Center (SOC) for 24x7 monitoring, incident detection, response, and root cause analysis.
- Oversee vulnerability management, patching, system hardening, and secure configurations.
- Optimize and automate security tooling (SIEM, SOAR, threat intel).
- Drive endpoint protection (EDR/XDR), MDM, DLP, identity management (SSO, MFA, PAM), and zero-trust network architecture.
3. Application & Infrastructure Security
- Review internal applications and platforms for security gaps; implement secure coding practices.
- Secure enterprise networks using VPNs, firewalls, NAC, and segmentation.
- Conduct threat hunting, intelligence analysis, and incident response throughout its lifecycle.