Cybersecurity Operations Lead

• Act as the primary point of contact for significant security incidents, investigations, and escalations.
• Drive cybersecurity initiatives from planning to execution, ensuring alignment with business objectives and regulatory requirements.
• Mentor and guide junior analysts, fostering a culture of continuous learning and operational excellence.
• Influence security strategy by proactively identifying gaps, recommending solutions, and championing best practices.
• Represent the Information Security team in cross-departmental meetings, communicating risks and recommendations to both technical and non-technical stakeholders.

• Lead the monitoring, analysis, and triage of security events from SIEM, EDR, IDS/IPS, firewalls, and other detection platforms.
• Oversee and direct root cause analyses for complex security incidents, ensuring timely containment, eradication, recovery, and lessons learned.
• Enhance the organization's threat detection and response capabilities through tool optimization, process improvement, and integration efforts.

• Oversee vulnerability assessments, ensure accurate risk prioritization, and collaborate with stakeholders to address findings within defined SLAs.
• Partner with IT and application teams to embed security into project lifecycles, reducing exposure to known and emerging threats.

• Lead enforcement of identity and access management controls, including periodic access reviews, least-privilege enforcement, and privileged access oversight.
• Collaborate with HR, IT, and compliance teams to ensure identity governance processes meet operational and regulatory requirements.

• Ensure adherence to industry regulations (HIPAA, PCI-DSS, SOC 2, HITRUST) and security frameworks (NIST, CIS).
• Prepare and present security posture updates, audit findings, and remediation status to leadership.
• Lead the delivery of targeted security awareness training and phishing simulations, measuring effectiveness and engagement.

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or equivalent work experience.
• 5–8 years of progressive experience in information security, with at least 2 years in a lead or senior analyst capacity.
• Demonstrated leadership in incident response, vulnerability management, and security operations.
• Advanced knowledge of security platforms such as Splunk, CrowdStrike, SentinelOne, Azure Security Center, or equivalents.
• Deep understanding of network protocols, cloud infrastructure security (Azure preferred), and endpoint security.
• Proven ability to communicate clearly and concisely, avoiding unnecessary rambling.
• Strong active listening skills, ensuring understanding before responding.
• Willingness to ask clarifying questions when needed instead of making assumptions.
• Experience collaborating effectively with both technical and non-technical stakeholders.

• Relevant certifications: CISSP, CISM, CEH, GSEC, CySA+, or equivalent.
• Experience in healthcare, fintech, or other regulated industries.
• Direct involvement in SOC 2, HITRUST, or PCI-DSS audits.

NationsBenefits