Senior ISO Security Officer

Job Type :
Full Time Opportunity

Responsible for supporting the Incident Response Manager in overseeing the organization’s incident response lifecycle, ensuring effective identification, assessment, and remediation of cybersecurity threats and vulnerabilities. This role involves leading cross-functional teams, conducting risk assessments, and implementing incident response strategies to strengthen the organization's overall security posture. The ideal candidate will have a deep understanding of cybersecurity threats and technical expertise to manage incidents and provide strategic recommendations to reduce risks.

• Lead staff in managing the security assessment of applications, systems, and vendors.
• Exudes technical proficiency in defining and executing critical response methodologies, providing cybersecurity risk assessments, conducting tabletop exercises, and developing action plans.
• Create, develop, and validate cybersecurity playbooks tailored to organizational needs.
• Track lessons learned to improve processes, manage multiple projects simultaneously, and follow up on action plans to address security gaps.
• Provide input during the creation, review, and update of security-related policies, standards, and procedures.
• Prepare and present technical meetings, metrics reports, and corporate crisis management updates.
• Mentor and guide the incident response team, fostering collaboration across multiple business units.
• Develop and implement processes to minimize threats, enhance the security posture, and streamline incident response procedures.
• Monitor, investigate, and summarize technical and non-technical incidents, providing actionable insights and detailed reports for legal and leadership review.
• Proactively search for malicious activity in the organization’s network and systems, leveraging threat intelligence insights to strengthen defenses.
• Analyze incidents to assess root causes, technical impacts, mitigation priorities, and business implications, coordinating with third‑party stakeholders as needed.
• Support the development and testing of contingency plans and participate in forensic analyses and severe event planning.
• Collaborate effectively with cross‑functional teams and external partners, ensuring a unified response to security incidents.
• Develop and conduct threat modeling exercises to identify vulnerabilities and propose remediation measures.
• Stay current with evolving security trends, threats, and vulnerabilities, applying insights to mitigate risks within the financial sector and ensuring regulatory compliance.
• Monitor and update enterprise‑wide security policies, standards, and guidelines to meet compliance requirements and enhance detection and monitoring operations.
• Proficiency in tracking and documenting incidents, providing actionable insights, and contributing to policy development.
• Experience collaborating with regulatory and compliance teams to align security operations with legal requirements.
• Ability to analyze and respond to zero‑day vulnerabilities, malware outbreaks, and other critical security events.

This Job has no supervisory responsibilities but in special circumstances may lead the work of others.

Bachelor’s degree in Computer Engineering, Computer Science, Information Systems / Technology, or a related field.

Seven+ (7) years of experience managing cyber security incidents.

• Security+
• CompTIA CySA+
• CompTIA Pen Test+
• CEH
• CISSP
• CCSP

• Strong business acumen : ability to understand the needs and concerns of business stakeholders and colleagues and respond promptly and effectively to stakeholder requests. An ability to conduct analysis of work procedures and business results and recommend changes to improve the effectiveness of the business' management.
• Strong technical acumen : knowledge of Cyber Security, Information Security, and Information Technology concepts. Strong knowledge of processes, controls, efficiency metrics and reporting concepts. Ability to write technical instructions using programs and technology. Robust knowledge of…