As the Head of Cybersecurity, you will be responsible for the comprehensive oversight of the organization's cybersecurity landscape, encompassing operational security of technology environments and broader enterprise security concerns. Your role involves safeguarding company assets from internal and external threats, implementing agile security measures, and fostering a culture of security awareness throughout the company.
Duties
Thorough understanding of security architectures, frameworks, tools, and best practices.
In-depth knowledge of methodologies, processes, and policies for protecting organizational data.
Ability to collaborate across the entire business, influencing senior stakeholders to drive essential information security initiatives.
Strategic thinking with strong project management and organizational abilities.
Excellent communication and interpersonal skills, including the ability to convey technical concepts accurately and engagingly to non-technical audiences.
Proactive problem-solving capabilities and attention to detail.
Ability to thrive in fast-paced environments and manage multiple projects simultaneously.
Strong leadership skills with a collaborative mindset.
Responsibilities
Develop and implement a strategic cybersecurity roadmap aligned with organizational goals and risk appetite.
Lead the evolution of the cybersecurity program to ensure comprehensive coverage across the organization.
Oversee the establishment and maintenance of an enterprise security architecture that protects company assets across all departments and functions.
Ensure secure integration and protection of systems, networks, applications, and data.
Oversee security incident detection, response, and remediation across the enterprise.
Ensure proper incident reporting, analysis, and lessons learned to prevent future occurrences.
Collaborate with executive leadership and department heads to integrate security considerations into strategic planning and daily operations.
Present regular updates to senior leadership and senior management on the cybersecurity posture and any significant threats or incidents.
Evaluate and recommend security tools, technologies, and services to enhance the organization's defense mechanisms.
Develop, maintain, and oversee enforcement of Cybersecurity policies, procedures, and standards.
Ensure compliance with frameworks and regulatory standards (e.g., NERC CIP, NIST CSF, EPCIP, NIS2, ISO 27001, CIS CSC, GDPR, etc.).
Educate leadership and staff on security awareness, technologies, and processes.
Stay current on cyber threats, vulnerabilities, and industry best practices and educate the organization accordingly.
Experience
Master's degree preferred; Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a comparable industry-recognized qualification.
Experience in Agile and DevSecOps environments is desirable.
Proven experience securing enterprise infrastructure, systems, applications, and data, including cloud security, network security, and endpoint security.
Proven experience leading external information security partners (e.g., MSSP, SOC).
Proven experience building and leading a security team.
Experience handling regulatory controls and compliance efforts over multiple jurisdictions.
Previous experience in a senior leadership role in a comparable environment.
Proven experience working with external auditors through the auditing process to remediation.
Experience in OT environments is desirable, especially in the renewables space and related regulatory landscape (e.g., NERC CIP/EPCIP/NIS2).
Professional certifications are desirable (e.g., CISSP, CISM, SANS, GIAC, OSCP, CCIE, AWS SCS, etc.).GCS is acting as an Employment Agency in relation to this vacancy