Lead and manage end-to-end threat detection, analysis, and incident response activities, including handling advanced persistent threats and complex attack scenarios.
Design and execute threat intelligence programs, leveraging open-source intelligence (OSINT), deep/dark web monitoring, and commercial threat feeds to proactively identify emerging risks.
Serve as a subject matter expert (SME) for Security Operations Centers (SOC), guiding escalation procedures, refining operational workflows, and mentoring technical teams in threat handling.
Develop and enhance cyber incident playbooks, detection rules, and escalation protocols tailored to both internal environments and regulatory expectations.
Oversee the lifecycle of threat events, from initial identification to remediation, and deliver high-impact briefings and reports to senior stakeholders.
Collaborate with cross-functional teams including IT, infrastructure, legal, and compliance to align security operations with business and regulatory goals.
Support and advise on security transformation programs, including the deployment and tuning of SIEM, EDR, and threat intelligence platforms.
Contribute to red/blue team exercises, merger & acquisition cybersecurity readiness, and governance activities related to audit, risk, and compliance.
Continuously evaluate and improve the security posture through the integration of emerging technologies, industry best practices, and lessons learned from real-world incidents.