- Company Name
- PetLab Co.
- Job Title
- Cybersecurity Lead
- Job Description
-
Job Title: Cybersecurity Lead
Role Summary: Lead the design, implementation, and enforcement of enterprise‑wide information security programs. Own the security roadmap, policy compliance, risk management, and incident response. Serve as the primary security advisor to senior leadership, ensuring alignment between security initiatives and business objectives while maintaining compliance with global standards and regulations.
Expactations: • 10+ years of progressive experience in cybersecurity or information security roles.
• In-depth knowledge of ISO 27001, NIST, GDPR, and related compliance frameworks.
• Proven track record of driving policy adoption, conducting audits, penetration testing, and board‑level reporting.
• Strong executive communication skills and ability to translate technical security concepts to non‑technical stakeholders.
Key Responsibilities:
- Develop and execute a company‑wide cybersecurity roadmap aligned with NIST/ISO 27001.
- Own and enforce security policies, ensuring cross‑functional compliance.
- Standardize SSO/MFA, IAM, PAM, and privileged account controls.
- Harden endpoint devices, implement mobile/USB controls, and manage patching cycles.
- Deploy and manage MDR/EDR solutions and a SIEM for detection, monitoring, and response.
- Strengthen network and cloud security through segmentation, Zero Trust, firewall hardening, and AWS/M365 hardening.
- Embed data protection, DLP, retention, and sharing controls.
- Ensure robust backup, recovery, and DR plans are tested against ransomware threats.
- Lead annual security audits, penetration tests, tabletop exercises, and report findings to the board and executive team.
- Establish governance for change management, asset visibility, and vendor security reviews.
- Build cross‑functional relationships to promote security awareness and accountability.
Required Skills:
- Expertise in IAM, PAM, EDR/MDR, SIEM, device management, and cloud security.
- Experience with security frameworks (ISO 27001, NIST, GDPR).
- Strong understanding of compliance requirements (PCI DSS, CCPA, payment regulations).
- Leadership and project management skills in fast‑paced, high‑growth environments.
- Excellent written and verbal communication, able to engage technical and non‑technical audiences.
Required Education & Certifications:
- Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or related field.
- CISSP certification required; CISM, CCSP, or similar security certifications desirable.