Responsibilities
Lead and deliver end-to-end security risk assessments across diverse technology landscapes, including on-premises infrastructure, cloud platforms (AWS, Azure), DevOps pipelines, IoT, and third-party systems.
Drive and review complex vulnerability assessments, ensuring risks are accurately identified, prioritized, and addressed with actionable remediation strategies.
Design, review, and enhance enterprise security policies, standards, and procedures to ensure alignment with business objectives and regulatory compliance (e.g., NIST, ISO 27001, CSA, MAS).
Provide technical leadership and mentoring in application security practices such as secure code reviews, threat modelling (STRIDE, PASTA), architecture assessments, and secure SDLC adoption.
Lead cloud security reviews including configuration audits, IAM analysis, encryption practices, and hybrid cloud governance.
Oversee System Security Acceptance Testing (SSAT), develop test strategies, validate controls, and confirm system readiness prior to go-live.
Develop and present risk reports and executive summaries, translating technical findings into clear, business-focused recommendations.
Act as a key point of contact for stakeholders, ensuring high-quality delivery of cybersecurity engagements and maintaining strong client relationships.
Stay current with evolving threats, tools, and best practices, while contributing thought leadership across multiple cybersecurity domains.
Coach and develop junior team members to build a high-performing, collaborative, and technically capable security team.
Requirements
Bachelor’s degree in Computer Science, IT, Cybersecurity, or a related field (a master’s degree is advantageous).
Recognized industry certifications such as CISSP, CISM, OSCP, CCSP, CISA, or equivalent are strongly preferred.
5–8 years of experience in cybersecurity consulting, with proven expertise in risk assessment, application security, cloud security, security governance, and vulnerability management.
Practical experience with cloud security across AWS, Azure, or GCP, including knowledge of native tools and best practices.
Strong background in threat modelling (e.g., STRIDE, PASTA) and security testing in CI/CD environments.
Solid understanding of regulatory frameworks and industry standards (e.g., NIST 800-series, ISO 27001, CIS Controls, MAS TRM).
Demonstrated leadership in managing projects and teams, with the ability to run multiple engagements simultaneously.
Excellent stakeholder management and executive communication skills.
Ability to balance strategic thinking with technical expertise to deliver impactful cybersecurity outcomes.