Job Description
Purpose of the Job
- Lead the deployment, configuration, and optimization of security platforms including Endpoint Detection and Response (EDR), Email Security Gateway, Data Loss Prevention (DLP), Web Security Gateway, JAMF, CyberArk EPM, AI security solutions, and Qradar.
- Define platform strategy and roadmap, ensuring alignment with organizational security objectives and compliance requirements.
- Provide subject matter expertise and thought leadership in EDR, DLP, SIEM, and AI-driven security.
- Strong understanding of security architecture, threat detection, and incident response.
- Collaborate with SOC and incident response teams to ensure platforms provide effective detection, alerting, and forensic capabilities.
- Monitor and analyze security events and alerts, coordinating with SOC teams to investigate and resolve incidents in a timely manner.
- Provide leadership, mentorship, and technical support to security analysts, engineers, and other team members, fostering a culture of continuous learning and improvement.
- Collaborate with IT, risk, compliance, and business stakeholders to identify emerging threats, assess vulnerabilities, and implement mitigation strategies.
- Manage vendor relationships and evaluate new security technologies to enhance the organization's security posture.
- Prepare and present reports on key security metrics, incident trends, and compliance status to executive leadership.
- Ensure proper oversight and support for all end user security operations, maintaining transparent communication and governance across the organization.
Deliverables
- Navigating the complexities of diverse endpoint environments, including BYOD, remote work, and mobile device management.
- Addressing sophisticated and rapidly evolving cyber threats targeting end users, such as phishing, ransomware, and social engineering attacks.
- Balancing the need for robust security controls with user experience and productivity requirements.
- Managing risk associated with data leakage, unauthorized access, and insider threats.
- Ensuring compliance with data protection regulations and internal standards, particularly in multi-jurisdictional contexts.
- Integrating AI-driven security solutions and automation tools into existing workflows without disrupting operations.
- Coordinating incident response across distributed teams and technology stacks.
Decision level
Prime: Final Decision Making authority, accountable to the Management
Shared: Decisions reached jointly with peers on a collective basis
Contributory: Makes a major contribution to a decision or policy judgment reached by others
Demonstrate (Key competencies)
10+ years of experience in information security, with at least 5 years in a leadership role.
Proven Expertise In Managing Security Platforms Including
- EDR (e.g., CrowdStrike, SentinelOne, Microsoft Defender for Endpoint)
- Email Security Gateway (e.g., Proofpoint, Mimecast, Microsoft 365 Defender)
- Data Loss Prevention (DLP endpoint, network, and cloud)
- Web Security Gateway (e.g., Zscaler, Bluecoat, Netskope)
- JAMF (macOS/iOS device management)
- CyberArk Endpoint Privilege Management (EPM)
- AI/ML-driven security solutions
- QRadar SIEM (advanced correlation, threat hunting)
Leadership: Ability to inspire, guide, and develop high-performing security teams, promoting accountability and excellence.
Communication: Superior written and verbal communication skills, capable of conveying complex security matters to technical and non-technical audiences.
Problem-Solving: Strong analytical skills to assess threats, diagnose issues, and implement effective solutions.
Strategic Thinking: Capacity to align security operations with organizational goals and adapt to changing business needs.
Collaboration: Skilled in building relationships and facilitating cooperation across IT, business, and compliance functions.
Risk Management: Experience in identifying, evaluating, and mitigating end user security risks.
Adaptability: Comfortable working in fast-paced, dynamic environments where priorities shift quickly.
Working Experience
Must Have
12 15 years of experience on EDR, SWG, DLP, SASE, Email Security,
Required Skills
[Endpoint Detection and Response (EDR), DLP, SWG, QRadar SIEM]
Additional Information
NA
