Head of Cybersecurity

Head of Cybersecurity

Position Summary:

The Head of Cybersecurity is a senior leadership role responsible for developing, implementing, and overseeing the company’s cybersecurity strategy across Governance, Risk, and Compliance (GRC), IT Cybersecurity, and OT Cybersecurity. This individual will build and lead a team of cybersecurity professionals to protect Client’s digital assets, infrastructure, and operations from cyber threats while ensuring compliance with relevant regulations and industry standards.

Key Responsibilities:

Cybersecurity Strategy and Leadership

• Develop and execute a comprehensive cybersecurity strategy aligned with Client’s business objectives and risk tolerance
• Lead and mentor a team of cybersecurity professionals, fostering a culture of innovation, collaboration, and continuous improvement
• Advise senior management and the board on cybersecurity risks, initiatives, and investments

Governance, Risk, and Compliance (GRC)

• Establish and maintain a robust GRC framework for cybersecurity
• Conduct regular risk assessments to identify and prioritize cybersecurity risks across the organization
• Develop and implement policies, procedures, and controls to mitigate identified risks and ensure compliance with relevant regulations and industry standards (e.g., NIST, ISO 27001, GDPR)
• Emphasis on financial controls and SOX regulations

IT Cybersecurity

• Oversee the security of Client’s IT infrastructure, including networks, systems, applications, and data
• Implement and manage security technologies such as firewalls, intrusion detection/prevention systems, and data encryption
• Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses
• Develop and maintain incident response and disaster recovery plans

OT Cybersecurity

• Ensure the security of Client’s Operational Technology (OT) systems, including industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems
• Collaborate with OT teams to implement security controls and best practices specific to OT environments
• Monitor and respond to cybersecurity incidents affecting OT systems
• Conduct regular security assessments and audits of OT infrastructure

Team Building and Development

• Build and lead a diverse and skilled team of cybersecurity professionals across GRC, IT, and OT domains
• Define roles, responsibilities, and skill requirements for each team member
• Provide ongoing training, development, and mentorship opportunities to keep the team up to date with the latest cybersecurity trends and technologies
• Foster a collaborative and inclusive team culture that encourages knowledge sharing and innovation

Stakeholder Engagement and Communication

• Collaborate with cross-functional teams, including IT, OT, legal, and compliance, to align cybersecurity initiatives with business objectives
• Communicate cybersecurity risks, strategies, and performance to senior management, the board, and other stakeholders
• Develop and deliver cybersecurity awareness training programs for employees

Required Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred
• 10+ years of experience in cybersecurity, with at least 5 years in a leadership role
• Deep knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, GDPR)
• Strong understanding of IT and OT security technologies and architectures
• Proven track record of building and leading high-performing cybersecurity teams
• Excellent communication, presentation, and stakeholder management skills
• Relevant cybersecurity certifications (e.g., CISSP, CISM, CRISC) preferred