Information Security Operations Lead

The Information Security Operations Lead is responsible for the operational execution, oversight, and continuous improvement of the Bank’s cybersecurity program, ensuring alignment with regulatory requirements (FFIEC, GLBA, NIST CSF) and enterprise risk management objectives.

 

This role translates the Information Security Officer's (ISO) strategic direction into measurable, tool-driven security operations, including security monitoring, identity and access management (IAM), incident response, and control enforcement.

The Operations Lead serves as the primary accountable leader for day-to-day cybersecurity operations, overseeing analysts and engineers and ensuring the effective use of security platforms, including SIEM, IAM, endpoint protection, and vulnerability management tools.

The ideal candidate is technical and possesses at least seven years of experience in technology and security administration across large heterogeneous networks, including third-party entities. Additionally, as a senior member of the information security team, the role requires leadership skills to coach and mentor less experienced staffers. Information Security Operations Lead is expected to manage the team and execute the security strategy as directed by senior management.

 

This position requires strong written and oral communication skills, as well as the ability to convey detailed technical information in a manner comprehensible to individuals with varying levels of experience and skill. This role requires the ability to speak confidently in front of large groups and with corporate management, vendors, and service providers. The Information Security Operations Lead also contributes to the company's IT security strategy and roadmap.

 

ESSENTIAL DUTIES

 

The duties listed below may not include all responsibilities that the person in this role may be asked to perform. Incumbent may be required to perform other related duties as assigned.

 

Security Operations

• Oversee daily security operations, including SIEM monitoring, alert triage, and escalation
• Ensure detection use cases are developed, tuned, and aligned to emerging threats
• Oversee configuration, optimization, and integration of security tools (SIEM, EDR, email security, vulnerability management)
• Ensure security controls are properly implemented across systems and platforms
• Drive automation and orchestration initiatives to improve operational efficiency
• Maintain system documentation, baselines, and configuration standards

 

Incident Response

• Act as primary escalation point for security incidents and SOC activities
• Lead coordination of incident response across IT and business units
• Ensure timely containment, eradication, and recovery of security incidents
• Maintain and test incident response playbooks and procedures
• Conduct post-incident reviews and implement corrective actions
• Integrate threat intelligence into monitoring and detection capabilities

 

Identity and Access Management (IAM)

• Oversee user provisioning and deprovisioning processes
• Conduct and enforce periodic access reviews and certifications
• Ensure implementation of MFA, SSO, and privileged access controls
• Enforce least privilege and segregation of duties
• Improve and automate access management processes

 

Compliance and Risk Management

• Execute and maintain security controls aligned with FFIEC, GLBA, and NIST CSF
• Support internal and external audits, including evidence collection and remediation tracking
• Perform and support risk assessments and control validation activities
• Ensure enforcement of security policies and procedures across the organization

 

Reporting and Metrics

• Develop and track key performance indicators (KPIs) and key risk indicators (KRIs)
• Provide operational reporting to the ISO
• Identify trends and implement improvements to strengthen the security posture

Team Leadership and Collaboration

• Supervise and mentor security analysts and engineers
• Assign tasks and ensure appropriate operational coverage
• Foster a culture of accountability, collaboration, and continuous learning
• Partner with IT, application teams, and business units to embed security into operations
• Participate in change management and project initiatives to ensure secure implementation