Cyber Security Operations Lead
The Cyber Security Operations Lead will be responsible for:
Risk Management: Assessing and mitigating cyber risks, developing and implementing risk management frameworks and processes, and reporting on key risk indicators and metrics.
Cybersecurity Strategy and Operations: Work with the Principal Cyber Security Architect on the development of and executing the cybersecurity strategy and roadmap, aligning with business objectives and industry best practices. Leading and managing the cybersecurity operations team, ensuring timely and effective detection, response, and recovery from cyber incidents. Establishing and maintaining relationships with internal and external stakeholders, including customers, regulators, vendors, and law enforcement agencies.
Compliance and Governance: Ensuring compliance with applicable laws, regulations, and contractual obligations related to cyber security. Developing and enforcing cybersecurity policies, standards, and procedures. Conducting audits and reviews of cybersecurity controls and practices. Providing guidance and training on cybersecurity awareness and education.
Technology Integration: Providing direction and requirements to our Architecture & Technology functions to allow for the evaluation and selection of emerging technologies and solutions that enhance the security posture and resilience of the organization. Integrating cybersecurity requirements and best practices into the design and development of IT systems and applications. Managing the cybersecurity budget and resources.
The Cyber Security Operations Lead will report directly to the Senior Director, Enterprise Technology and work closely with other senior leaders across the organization, as well as acting as the key contact for Cyber Security related inquiries from regulators and government entities across North America.
Responsibilities
- Identifying, assessing, and mitigating cyber risks and threats across the company's infrastructure, systems, networks, and data
- Implement a cyber security strategy and roadmap that aligns with the company's vision, mission, values, and objectives.
- Establish and maintain a cyber security governance framework and policies that ensures compliance with applicable laws, regulations, standards, and best practices.
- Monitor and report on the cyber security performance, risk posture, and maturity of the company, and provide recommendations for improvement.
- Oversee the security operations center, incident response, threat intelligence, vulnerability management, and security awareness functions.
- Collaborate with the technology architecture group to design and implement secure and resilient solutions that support the company's business needs and goals.
- Build and maintain strong relationships with internal and external stakeholders, including senior management, business units, customers, vendors, regulators, and government officials.
- Lead, mentor, and develop a high-performing cyber security team that fosters a culture of excellence, innovation, and continuous improvement.
- Stay abreast of the latest cyber security trends, threats, and best practices, and ensure that the company adapts accordingly.
Qualifications, Experiences And Skills
- Bachelor's degree in computer science, information systems, cyber security, or related field. Master's degree or relevant certification (e.g. CISSP, CISM, CISA, CRISC) is preferred.
- At least 10 years of progressive experience in cyber security, with at least 5 years in a leadership role.
- Demonstrated experience in government and regulator affairs considered an asset
- Demonstrated experience in executing a cyber security strategy and roadmap for a large and complex organization.
- Proven track record of managing cyber security operations, compliance, and IT as well as identity functions, and delivering successful outcomes.
- Strong knowledge of cyber security frameworks, standards, laws, and regulations, such as NIST, ISO, PCI, HIPAA, FERC, NERC, etc.
- Secret level security clearance would be an asset.
- Excellent communication, presentation, and interpersonal skills, with the ability to communicate complex and technical issues to diverse audiences.
- Strong analytical, problem-solving, and decision-making skills, with the ability to balance risk and business needs.
- Highly collaborative, adaptable, and customer-oriented, with the ability to build and maintain effective relationships with internal and external stakeholders.
- Passionate, driven, and innovative, with the ability to lead and inspire a team of cyber security professionals.
#10464 Director of Cybersecurity
