W2 - Lead of Cybersecurity Operations
Acumenz Consulting, Richardson, Texas, United States, 75080
Overview
The
Lead of Cybersecurity Operations
is a hands-on, strategic leader responsible for managing day-to-day cybersecurity operations. This role focuses on threat detection, incident response, vulnerability management, and third-party patching within a hybrid cloud environment. The ideal candidate can investigate a compromised system, perform forensic analysis, and deliver a detailed DFIR report explaining
what happened, how it happened, when it occurred, and attacker dwell time . Key Responsibilities
Lead Cybersecurity Operations team (SOC, Incident Response, Vulnerability Management) Oversee threat detection and response using: Rapid7 InsightIDR Proofpoint Own third-party patch management strategy and execution Tools may include PDQ Connect, Patch My PC, Microsoft EAM Coordinate vulnerability scanning, prioritization, and remediation Develop and maintain playbooks and SOPs aligned with
ISO 27001, NIST, CIS Partner with IT, DevOps, and Application teams for secure deployments Track KPIs and operational metrics Support audits, risk assessments, and compliance initiatives Mentor team members and promote a culture of accountability and innovation Mandatory Qualifications
8+ years in cybersecurity operations (SOC, IR, vulnerability management) 3+ years in a leadership or team lead role Strong DFIR experience (host, memory, network forensics) Experience with enterprise security tools: CrowdStrike, Rapid7, Proofpoint, Code42 Patch management experience (PDQ, Intune, Patch My PC) Strong knowledge of
ISO 27001, NIST CSF, CIS Experience with
AWS
and hybrid environments Excellent communication, leadership, and analytical skills Nice-to-Have
Certifications:
CISSP, GCIA, GCIH , or equivalent Experience leading teams through cloud migrations Strong problem-solving and collaboration skills
#J-18808-Ljbffr
The
Lead of Cybersecurity Operations
is a hands-on, strategic leader responsible for managing day-to-day cybersecurity operations. This role focuses on threat detection, incident response, vulnerability management, and third-party patching within a hybrid cloud environment. The ideal candidate can investigate a compromised system, perform forensic analysis, and deliver a detailed DFIR report explaining
what happened, how it happened, when it occurred, and attacker dwell time . Key Responsibilities
Lead Cybersecurity Operations team (SOC, Incident Response, Vulnerability Management) Oversee threat detection and response using: Rapid7 InsightIDR Proofpoint Own third-party patch management strategy and execution Tools may include PDQ Connect, Patch My PC, Microsoft EAM Coordinate vulnerability scanning, prioritization, and remediation Develop and maintain playbooks and SOPs aligned with
ISO 27001, NIST, CIS Partner with IT, DevOps, and Application teams for secure deployments Track KPIs and operational metrics Support audits, risk assessments, and compliance initiatives Mentor team members and promote a culture of accountability and innovation Mandatory Qualifications
8+ years in cybersecurity operations (SOC, IR, vulnerability management) 3+ years in a leadership or team lead role Strong DFIR experience (host, memory, network forensics) Experience with enterprise security tools: CrowdStrike, Rapid7, Proofpoint, Code42 Patch management experience (PDQ, Intune, Patch My PC) Strong knowledge of
ISO 27001, NIST CSF, CIS Experience with
AWS
and hybrid environments Excellent communication, leadership, and analytical skills Nice-to-Have
Certifications:
CISSP, GCIA, GCIH , or equivalent Experience leading teams through cloud migrations Strong problem-solving and collaboration skills
#J-18808-Ljbffr