Cybersecurity Operations Lead

About The Position

Requirements

• 7+ years of experience in 3 or more technology areas
• Well versed with Managed Services Delivery working for a GSI company such as Cognizant, HCL, TCS.
• Leadership, client communication, ability to work with global teams to drive work efforts
• Compliance aware
• MUST roll up the sleeves and work across a broad range of security tools and technologies
• Well rounded knowledge across other technology areas
• Be the face of Capgemini
• Work with other support groups (both internal and external to Capgemini)
• Security Tool agnostic domain/technology experience

Responsibilities

• Daily operational delivery – Work hand in hand with identified customer security leadership teams and offshore security lead/SME’s of individual cyber technology towers; to deliver day-to-day cyber security oversight onsite.
• Morning check-in with client security/IT leads
• Review of overnight SOC alerts
• Review security dashboards/metrics (SIEM health, endpoint coverage, critical control status) and confirm telemetry is flowing
• Vulnerability scans and ticket queues
• Triage and risk-based prioritization of issues; coordination with infrastructure, application, network and IAM teams for remediation.
• Validate patching and remediation progress for top risks (critical CVEs, misconfigurations) and remove blockers
• Review/approval of security exceptions and change requests
• Participation in project and architecture discussions to embed security controls early; walkthroughs of compliance/audit evidence needs and policy adherence
• Status reporting (metrics, risks, blockers, and actions) to stakeholders
• End-of-day follow-up to confirm progress, escalate urgent items, and prepare the next day’s priorities.
• Check privileged access activity (PAM alerts, break-glass use, new admin grants) and confirm approvals are documented
• Oversee EDR/AV exceptions (new exclusions, tuning requests) and ensure compensating controls are in place
• Daily incident readiness actions: confirm on-call/escalation paths, validate open incident tickets, and run quick “what changed?” checks
• Threat intel / emerging risk review relevant to the client environment and translate into actionable checks/hunts
• Run/coordinate a short risk & issue triage huddle (top 5 risks, new findings, due dates, owners)
• Vendor/service review touchpoints (SOC/SIEM provider quality, false-positive tuning, SLA adherence)
• Communicate security advisories to onsite teams (maintenance windows, high-risk findings, required user actions)
• Provide Cyber Security Leadership - Provide leadership in all security areas to ensure our external system partners are minimizing cyber security risks, this includes the following areas of security specialization: Security Architecture, Governance, Risk & Compliance, Identity and Access management, Firewall architecture and integration, Cyber Threat Research, Vulnerability Assessment and Penetration Testing, Security Project Management, SOC Analysis
• Security Operations – Oversee all security operations including managing our external SOC relationship and activities to ensure their correct classification of vulnerabilities/issues and their timely resolution. Provide risk-based activities prioritization, tracking, reporting, and liaising with external vendors and internal stakeholders.
• Develop a budget and operating plan for the security program.
• Exercise good judgement when dealing with issues and ensuring a sense of urgency in their resolution while remaining calm and focused.
• Security Planning and Projects - Design, implement, and maintain cyber security plan that includes an evaluation method to assess the security program strengths and identify areas for improvement.
• Initiate, oversee, and report on projects that will improve our security stance.
• Lead the planning and the decision support process for the security program, coordinating with a variety of internal stakeholders & senior executives.
• Research and evaluate new cybersecurity threats, IT trends, and security controls.
• Ensure response plans are kept up to date and communicated to leadership in addition to leading preparation sessions for cyber response (tabletop) and leading forensic investigations when necessary.
• Security Processes - Develop, implement, and oversee enforcement of security policies, procedures and work plans based on industry best practices.
• Ensure that IT security audits are conducted.
• Develop and deliver cyber training and testing.
• Produce reports that help drive a strong cyber security position that provide enough detail for action, but in a format that can be easily understood by management.
• Drive a culture to stay current on the latest cyber security trends, emerging technologies, threats, and incorporate appropriate safeguards into our security program.

Benefits

• Paid time off based on employee grade (A-F), defined by policy: Vacation: 12-25 days, depending on grade, Company paid holidays, Personal Days, Sick Leave
• Medical, dental, and vision coverage (or provincial healthcare coordination in Canada)
• Retirement savings plans (e.g., 401(k) in the U.S., RRSP in Canada)
• Life and disability insurance
• Employee assistance programs
• Other benefits as provided by local policy and eligibility