The Cyber Operations and Threat & Vulnerability Manager (IT & OT) is responsible for overseeing cybersecurity operations, threat detection, vulnerability management, and risk mitigation across both Information Technology (IT) and Operational Technology (OT) environments. This role ensures the organization's IT and OT infrastructures are protected from evolving cyber threats, vulnerabilities, and risks. The manager leads efforts to detect, assess, and remediate security weaknesses while coordinating responses to mitigate potential impacts on both digital and physical systems. This role is critical in ensuring the security posture of the entire organization, encompassing both traditional IT systems and specialized OT environments such as Industrial Control Systems (ICS) and SCADA.
KEY ACCOUNTABILITIES:
Cyber Operations Oversight (IT & OT):
- Manage and oversee daily cyber operations across both IT and OT environments, ensuring consistent security monitoring, incident response, and threat detection.
- Lead the Security Operations Center (SOC) to monitor and respond to cyber threats in real-time, ensuring a unified approach for both IT and OT infrastructures.
- Implement and enforce security policies, procedures, and controls tailored to the specific needs of both IT and OT systems, ensuring alignment with industry best practices and regulatory requirements.
Threat Detection & Response (IT & OT):
- Oversee threat detection and response efforts across the organization using SIEM, XDR, and other specialized security tools for both IT and OT environments.
- Develop and implement incident response playbooks, ensuring they address potential threats to both IT systems (e.g., networks, servers, endpoints) and OT systems (e.g., SCADA, ICS, PLCs).
- Work closely with threat intelligence teams to stay updated on emerging threats, vulnerabilities, and attack vectors targeting both IT and OT infrastructures.
Security Engineering & Hardening (IT & OT):
- Work with IT and OT engineering teams to implement security best practices during the design, development, and deployment of new systems.
- Ensure that all IT and OT systems are hardened against known vulnerabilities and emerging attack vectors by applying patches, configurations, and security controls.
Incident Response & Coordination (IT & OT):
- Lead the organization's incident response efforts across IT and OT systems, ensuring rapid identification, containment, and remediation of security incidents.
- Coordinate cross-functional teams, including IT, OT, forensics, and legal, to ensure a cohesive response to major incidents affecting both environments.
- Perform post-incident analysis and root cause investigations to identify gaps in security controls and improve future incident response capabilities.
Security Monitoring & Optimization (IT & OT):
- Continuously monitor the effectiveness of security tools and processes across IT and OT environments, ensuring timely detection and response to potential threats.
- Work with the threat detection and threat hunting teams to optimize security monitoring tools and improve alert accuracy for both IT and OT systems.
- Leverage insights from threat intelligence and threat hunting activities to enhance proactive threat detection and response capabilities.
Collaboration with Cross-Functional Teams:
- Collaborate with IT, OT, and business stakeholders to ensure security operations align with organizational goals and risk management strategies.
- Work closely with compliance teams to ensure that both IT and OT environments meet regulatory requirements such as NCA, NIST, ISO 27001, NERC-CIP, and ISA/IEC 62443.
Security Awareness & Training (IT & OT):
- Develop and implement security awareness programs tailored to both IT and OT personnel, ensuring employees understand potential threats and the importance of following security policies.
- Conduct training sessions for IT and OT teams on incident response, vulnerability management, and secure system configurations.
QUALIFICATIONS:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field (master's degree preferred).
- 6+ years of experience in cybersecurity operations, incident response, or vulnerability management, with experience in OT environments such as ICS/SCADA.
- Experience managing cybersecurity programs that span both IT and OT environments.
- Proficiency in SIEM platforms, XDR, and other monitoring tools for both IT and OT infrastructures.
- Strong hands-on experience with vulnerability management tools (e.g., Tenable, Qualys, Nessus, OT-specific platforms).
- Deep understanding of IT security controls as well as OT-specific controls for ICS, SCADA, and PLC systems.
- Knowledge of threat intelligence, incident response, and forensics in both IT and OT environments.