Head of IT Cybersecurity

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, Engineering, or related field.
• Senior hands-on experience in cybersecurity engineering, security operations, or cyber infrastructure leadership.
• Demonstrated experience with:
• Microsoft Defender, Purview, Intune, Entra ID
• Identity, endpoint, and cloud security
• Azure and AWS workload protection
• Detection engineering and incident response
• Strong network security fundamentals
• Demonstrated success implementing cybersecurity controls in complex, multi-national organizations.
• Team-first, ego-free collaborator
• High technical credibility and execution discipline
• Calm, structured, and decisive under pressure
• Strong collaborator with operations, infrastructure, and engineering teams
• Pragmatic, hands-on, solutions-oriented, outcome-focused, and production-aware
• Comfortable working across roles, titles, and disciplines
• Understands that security succeeds only when the business succeeds
• Capable of meeting OSHA standards for manual lifting guidelines: < 50lbs
• While performing the duties of this job it is required to stand, walk, and use hands to operate objects, reach with hands or arms; climb, balance, stoop, kneel, or crouch when necessary for job activity.
• Ability to stand and/or walk for extended periods.

Nice To Haves

• Relevant security certifications (e.g. CISSP, CISM, cloud security certifications) are advantageous but not mandatory.
• Demonstrated execution impact is valued over formal credentials.
• Industrial and manufacturing IT/OT exposure strongly preferred.
• Palo Alto and Cisco experience highly valued.

Responsibilities

• Cybersecurity Control Architecture & Engineering
• Design and maintain security architectures and technical standards aligned to Group cybersecurity strategy and enterprise risk appetite.
• Engineer, implement, and lifecycle-manage cybersecurity controls across all relevant enterprise technology domains, including:
• Microsoft Defender (Endpoint, Identity, Cloud, Office)
• Microsoft Purview (Information Protection, DLP, data governance)
• Microsoft Intune (device compliance, endpoint hardening)
• Entra ID security, Conditional Access, Privileged Identity Management
• Security logging, monitoring, and incident detection and response (e.g. SIEM/SOAR)
• Backup, recovery, and cyber-resilience capabilities
• Application, API, and integration security
• Third-party, vendor, and supply-chain cybersecurity controls
• Security of AI-enabled platforms, automation, and data pipelines
• Security policy, risk, and governance controls
• Translate high-level security principles, policies, and standards into practical, implementable technical designs.
• Embed security-by-design into operational systems, integrations, and automation platforms.
• Ensure security tooling is cohesive, observable, and automatable, avoiding unnecessary complexity and leveraging AI-enabled capabilities where appropriate.
• Security Operations & Control Execution
• Own day-to-day cybersecurity operations, delivered internally or via managed services, including:
• Security monitoring and detection (SOC)
• Vulnerability and exposure management
• Secure configuration and patch coordination
• Ensure cybersecurity controls are consistently deployed, monitored, tested, and remediated.
• Drive operational discipline, reliability, and continuous improvement in security execution.
• Define and enforce secure configuration baselines and continuously manage configuration drift.
• Define and operate a clear internal vs. managed service execution model with strong vendor accountability.
• Network, Industrial & IT/OT Security
• Lead cybersecurity execution across industrial and manufacturing environments, including IT/OT convergence.
• Design and enforce segmentation, access control, and visibility using:
• Palo Alto firewalls (physical and virtual)
• Cisco enterprise and industrial networking platforms
• Work directly with manufacturing and engineering teams to ensure:
• Security does not disrupt production
• Controls reflect operational realities
• Risk reduction is measurable and pragmatic
• Security Operations & Incident Command
• Serve as the technical and operational incident commander during cybersecurity incidents across IT and OT environments.
• Lead containment, recovery, and remediation with calm, factual, and timely communication.
• Coordinate response across infrastructure, applications, cloud, data platforms, and manufacturing systems.
• Lead post-incident root cause analysis and remediation execution.
• Control Effectiveness & Continuous Improvement
• Define and track operational cybersecurity metrics, including:
• Control coverage and effectiveness
• Detection and response performance
• Vulnerability remediation progress
• Provide data-driven insights to support cybersecurity risk reporting and investment decisions.
• Continuously improve cybersecurity controls based on operational feedback and lessons learned.
• Team Leadership, Coaching & Collaboration
• Build and lead a lean, execution-focused cybersecurity engineering and operations team.
• Ensure clear role definitions and segregation of duties.
• Foster a culture where security is embedded, pragmatic, collaborative, and trusted.
• Coach and develop technical talent to build deep execution capability and operational resilience.