Motivation letter based on the responsibilities is required
Job Profile: Cyber Defense Organization (CDO) coordinator
Position Overview:
The coordinator of the Cyber Defense Organization (CDO) is responsible for designing, implementing, and evolving a robust internal cyber defense and response structure to protect the organization from cyber threats. This role will oversee the establishment and strategic development of a 2nd Tier Security Operations Center (SOC) focusing on incident response, along with related blue-team functions, and will set up red-teaming, vulnerability management, attack surface management, and Cyber Security Incident Response Team (CSIRT) coordination. With a vision of maturing the organization into a fully functional, resilient Cyber Defense Organization, the ideal candidate will guide the expansion of capabilities through internal resources, external contractors, and managed security service providers (MSSPs).
As a result of the departure of some employees, there is currently a need for both quantitative and qualitative strengthening of the CDO. The coordinator will have to function as a hub in the web.
Key Responsibilities:
1. CDO Strategy and Vision Development:
- Develop and lead a multi-year roadmap for the Cyber Defense Organization, aligning with organizational risk tolerance, compliance requirements, and business objectives.
- Formulate strategies for setting up and expanding the CDO to a mature and fully operational state, continuously improving detection, response, and remediation capabilities.
2. SOC and Blue Team Operations:
- Oversee the establishment and management of a 2nd Tier SOC, with primary responsibilities in security monitoring, incident response, threat detection, and blue team operations.
- Integrate proactive red-teaming and vulnerability assessment capabilities to identify and mitigate internal and external threats effectively.
3. Vulnerability and Attack Surface Management:
- Develop, build and run frameworks and processes for continuous vulnerability scanning, assessment, and remediation that are focused on and prioritized for our organisation's specific needs.
- Guide the creation and evolution of attack surface management practices to minimize exposure and quickly respond to new threats.
- Coordinate penetration testing (or red-teaming) on applications, networks and infrastructure (IT and OT) to identify potential vulnerabilities and weaknesses.
4. CSIRT Coordination and Incident Management:
- Establish a centralized CSIRT coordination process to standardize and streamline incident handling and escalation procedures.
- Coordinate with cross-functional teams to ensure incidents are managed with an emphasis on speed, accuracy, and effectiveness.
5. Team Leadership and Development:
- Manage and coach the CDO team members. The CDO team is fairly junior, which means that as a coordinator you regularly have to roll up your sleeves.
- Lead the hiring, training, and professional development of the CDO team, ensuring roles are filled with skilled professionals.
- Evaluate and engage external resources (contractors, MSSPs) as necessary to augment internal capabilities.
6. Performance Measurement and Reporting:
- Develop key metrics and reporting frameworks to monitor the effectiveness of cyber defense activities and SOC performance.
- Regularly present CDO progress, challenges, and successes to executive leadership and stakeholders.