Cyber Security Lead

Role Overview

Cybersecurity Lead L3

NIST Cybersecurity Framework (CSF)

Key Responsibilities

1. Cybersecurity Operations Leadership (Aligned to NIST CSF)

• Provide leadership and oversight across

  24x7 cybersecurity operations

  , including SOC, EDR, firewall, vulnerability management, and email security.
• Ensure services align to

  NIST CSF functions

  : Identify, Protect, Detect, Respond, and Recover.
• Govern security operations across:
• On-premises infrastructure
• Azure cloud environments
• End-user devices and VOIP assets
• Act as the senior escalation point for cybersecurity-related issues.

2. Security Monitoring & SOC Governance

• Govern

  24x7 security monitoring

  across users, devices, applications, and infrastructure.
• Ensure effective use of

  Microsoft analytics and threat intelligence

  to detect threats and minimize false positives.
• Oversee real-time monitoring, alert triage, and confirmation of security incidents.
• Ensure incidents and alerts are logged, tracked, and managed via

  ITSM tools

  .
• Provide oversight and guidance to Tier-2 teams during investigation and resolution.

3. Endpoint Detection & Response (EDR) Oversight

• Provide governance and technical oversight for

  endpoint security services

  , including:
• Endpoint Detection & Response (EDR)
• Antivirus and anti-malware platforms
• Oversee:
• EDR console administration
• Policy configuration, tuning, and exception management
• Endpoint agent rollout, coverage validation, and compliance reporting
• Ensure endpoint security operations align with defined standards and business requirements.

4. Firewall & Network Security Governance

• Govern firewall operations supporting network and VOIP security.
• Ensure firewall platforms are:
• Maintained and patched
• Aligned with vendor security bulletins
• Configured according to customer security requirements
• Oversee firewall rule lifecycle management, security profiles, and configuration changes.
• Ensure network security controls align with asset function and risk posture.

5. Vulnerability Management & Penetration Testing Oversight

• Govern the

  vulnerability management program

  using industry-recognized platforms.
• Ensure:
• Regular scanning of Beacon assets
• Risk-based prioritization of vulnerabilities
• Timely remediation tracking and validation
• Review vulnerability reports, trends, and remediation effectiveness.
• Oversee configuration and coverage of vulnerability scanning platforms.
• Ensure penetration testing and vulnerability remediation activities align with security objectives.

6. Managed Email Security (Microsoft Defender for Office 365)

• Provide oversight for

  email security services

  using Microsoft Defender for Office 365.
• Govern:
• Anti-phishing policies
• Safe Attachments and Safe Links configurations
• Alerting and detection mechanisms
• Ensure effective investigation of suspicious emails and phishing attempts.
• Review threat trends and guide policy tuning to reduce risk.

7. Client Engagement, Reporting & Governance

• Act as the senior cybersecurity point of contact for the client.
• Deliver

  quarterly executive-level cybersecurity reports

  , linking security outcomes to:
• Business uptime
• Compliance posture
• Cost optimization
• Participate in governance forums, security reviews, and service discussions.
• Ensure transparency, consistency, and confidence in cybersecurity service delivery.

8. Team Leadership & Service Enablement

• Provide direction and guidance to L2 and L3 cybersecurity engineers.
• Support onboarding, transition, and knowledge transfer activities.
• Ensure strong documentation, SOPs, and audit readiness.
• Promote standardization and continuous improvement across cybersecurity services.

Skills & Experience

Technical & Leadership Skills

• Strong leadership experience across:
• SOC operations
• Endpoint security (EDR, AV)
• Network security (firewalls)
• Vulnerability management
• Email security
• Deep understanding of

  NIST Cybersecurity Framework (CSF)

  .
• Strong familiarity with

  Microsoft security ecosystem

  , including:
• Microsoft Sentinel (advantage)
• Microsoft Defender (Endpoint, Office 365)
• Ability to translate cybersecurity risks into business-relevant insights.

Tools & Platforms (Aligned to Scope)

• Microsoft Sentinel (advantage)
• Microsoft Defender for Endpoint & Office 365
• Endpoint security platforms (EDR/AV)
• Firewall platforms
• Vulnerability management tools
• ITSM platforms for incident and alert management

Experience

• 12+ years

  of experience in cybersecurity roles.
• Prior experience in

  L3 / Lead cybersecurity positions

  .
• Experience managing enterprise or managed SOC environments.
• Exposure to regulated or compliance-driven environments is preferred.

Soft Skills & Behavioral Expectations

• Strong leadership and governance mindset.
• Clear, confident client-facing communication.
• Structured decision-making aligned to risk and compliance.
• High ownership for cybersecurity outcomes.
• Collaborative working style across IT and business teams.

Working Model

• Offshore delivery from India.
• Alignment with client business hours for governance and reporting.
• Escalation availability for significant security incidents.
• Active involvement during transition and steady-state operations.