MRE Consulting, Ltd. (LM)
Head of Cybersecurity
Position Summary:
The Head of Cybersecurity is a senior leadership role responsible for developing, implementing, and overseeing the company’s cybersecurity strategy across Governance, Risk, and Compliance (GRC), IT Cybersecurity, and OT Cybersecurity. This individual will build and lead a team of cybersecurity professionals to protect Client’s digital assets, infrastructure, and operations from cyber threats while ensuring compliance with relevant regulations and industry standards.
Key Responsibilities:
Cybersecurity Strategy and Leadership
- Develop and execute a comprehensive cybersecurity strategy aligned with Client’s business objectives and risk tolerance
- Lead and mentor a team of cybersecurity professionals, fostering a culture of innovation, collaboration, and continuous improvement
- Advise senior management and the board on cybersecurity risks, initiatives, and investments
Governance, Risk, and Compliance (GRC)
- Establish and maintain a robust GRC framework for cybersecurity
- Conduct regular risk assessments to identify and prioritize cybersecurity risks across the organization
- Develop and implement policies, procedures, and controls to mitigate identified risks and ensure compliance with relevant regulations and industry standards (e.g., NIST, ISO 27001, GDPR)
- Maintain an emphasis on financial controls and SOX regulations
IT Cybersecurity
- Oversee the security of Client’s IT infrastructure, including networks, systems, applications, and data
- Implement and manage security technologies such as firewalls, intrusion detection/prevention systems, and data encryption
- Conduct vulnerability assessments and penetration testing to identify and remediate security weaknesses
- Develop and maintain incident response and disaster recovery plans
OT Cybersecurity
- Ensure the security of Client’s Operational Technology (OT) systems, including industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems
- Collaborate with OT teams to implement security controls and best practices specific to OT environments
- Monitor and respond to cybersecurity incidents affecting OT systems
- Conduct regular security assessments and audits of OT infrastructure
Team Building and Development
- Build and lead a diverse and skilled team of cybersecurity professionals across GRC, IT, and OT domains
- Define roles, responsibilities, and skill requirements for each team member
- Provide ongoing training, development, and mentorship opportunities to keep the team up to date with the latest cybersecurity trends and technologies
- Foster a collaborative and inclusive team culture that encourages knowledge sharing and innovation
Stakeholder Engagement and Communication
- Collaborate with cross-functional teams, including IT, OT, legal, and compliance, to align cybersecurity initiatives with business objectives
- Communicate cybersecurity risks, strategies, and performance to senior management, the board, and other stakeholders
- Develop and deliver cybersecurity awareness training programs for employees
Required Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; Master’s degree preferred
- 10+ years of experience in cybersecurity, with at least 5 years in a leadership role
- Deep knowledge of cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, GDPR)
- Strong understanding of IT and OT security technologies and architectures
- Proven track record of building and leading high-performing cybersecurity teams
- Excellent communication, presentation, and stakeholder management skills
- Relevant cybersecurity certifications (e.g., CISSP, CISM, CRISC) preferred