Job Summary:
The Deputy General Manager (DGM) of IT Security Operations is accountable for leading and managing the organization’s IT security operations to ensure the confidentiality, integrity, and availability of all information systems and data. This position demands a strategic leader with extensive expertise in cybersecurity best practices, incident response, vulnerability management, and security technologies. The DGM will supervise a team of security professionals, formulate and enforce comprehensive security policies and procedures, and spearhead ongoing enhancements to strengthen the organization’s overall security posture.
Key Responsibilities:
Strategic Leadership & Planning:
- Formulate and execute the IT security operations strategy in alignment with the organization’s business goals and risk tolerance.
- Support the creation of the comprehensive IT security roadmap and drive long-term security projects.
- Continuously monitor emerging cyber threats, vulnerabilities, and advancements in security technology to proactively strengthen defences.
- Serve as the IT Security Operations representative in cross-functional strategic meetings and initiatives.
Security Operations Management:
- Manage round-the-clock Security Operations Center (SOC) activities, encompassing security monitoring, threat detection, incident analysis, and response coordination.
- Lead and coordinate security incident response initiatives, ensuring prompt containment, eradication, recovery, and comprehensive post-incident evaluation.
- Design, execute, and sustain effective vulnerability management programs, including routine vulnerability assessments, penetration testing, and remediation follow-up.
- Oversee the management and optimization of security tools and technologies, such as SIEM, SOAR, EDR, Firewall, WAF, IDS/IPS, NAC, DLP, PAM, and IAM.
- Provide technical expertise and guidance during security audits, risk assessments, and compliance activities.
- Collaborate closely with Incident Response, IT Operations, Network Engineering, Application Development, and Compliance teams to coordinate security efforts and resolve incidents.
- Analyze SOC workflows to identify process gaps, bottlenecks, and inefficiencies, and propose improvements.
- Assess emerging security technologies and recommend solutions to strengthen Security Operations capabilities.
- Conduct and verify root cause analysis following incidents and recommend system or process enhancements to prevent future occurrences.
- Oversee the deployment, configuration, and continuous maintenance of essential security tools.
Team Leadership & Development:
- Guide, mentor, and inspire a team of IT security professionals, promoting a culture of continuous learning, teamwork, and excellence.
Stakeholder Management & Communication:
- Collaborate closely with IT departments (including Infrastructure, Applications, and Networking), business units, and external vendors to ensure the comprehensive integration of security into all processes and initiatives.
- Articulate complex security concepts and risks with clarity and precision to both technical and non-technical stakeholders.
Qualifications:
Experience:
- A minimum of 10 to 12 years of progressively responsible experience in IT security, including at least 3 to 5 years in a leadership or managerial capacity overseeing security operations.
- Established track record in managing a Security Operations Center (SOC) or equivalent security function.
- Proven expertise in incident response, vulnerability management, and security architecture.
- Experience working within large, complex organizations, preferably in Pharmaceuticals, Manufacturing, or similar industries.
Certifications (Highly Desirable):
- CISSP (Certified Information Systems Security Professional)
- CISM (Certified Information Security Manager)
- CEH (Certified Ethical Hacker)
- Relevant vendor-specific certifications such as AWS Security, Azure Security, Palo Alto Networks, and Fortinet
Skills & Competencies:
- In-depth knowledge of cybersecurity frameworks such as NIST, ISO 27001, and MITRE ATT&CK.
- Strong expertise in network security, application security, cloud security (AWS, Azure, GCP), and data protection principles.
- Proficient in SIEM platforms including Splunk, Microsoft Sentinel, and IBM QRadar, as well as EDR/XDR solutions, firewalls, IDS/IPS, DLP, and IAM technologies.
- Familiarity with scripting languages such as Python and PowerShell for automation and analytical purposes is advantageous.
- Solid understanding of operating systems (Windows and Linux) and database security.
- Experience with security automation and orchestration platforms (SOAR).