Lead Information Security Analyst

Glocomms have partnered with a global consumer brand who is seeking a Lead Information Security Analyst to lead enterprise-wide cybersecurity initiatives and elevate their security posture across both cloud and on-premises environments.

Key Responsibilities

• Architect, deploy, and manage security solutions aligned with business goals and regulatory requirements.
• Lead strategic initiatives including Data Loss Prevention (DLP), Zero Trust architecture, Cloud Security, Network Segmentation, IAM, and Endpoint Security modernization.
• Oversee email protection platforms and gateway solutions to defend against phishing, malware, and data exfiltration.
• Implement DNS security controls to mitigate domain hijacking and malicious communications.
• Conduct threat detection, incident response, and post-incident analysis to ensure rapid containment and recovery.
• Manage vulnerability assessment and remediation programs, providing visibility into risk posture for leadership.
• Develop and refine incident response and disaster recovery plans to minimize disruption and enhance resilience.
• Establish and enforce security policies and standards based on frameworks such as NIST, CIS, ISO 27001, and SOX.
• Collaborate with IT, DevOps, and business units to embed security into system architecture and development pipelines.
• Lead security awareness initiatives to foster a culture of vigilance and reduce human-related risk.
• Continuously assess and improve security maturity through innovation in tools, processes, and governance.
• Utilize automation and orchestration to streamline detection, response, and compliance efforts.
• Mentor junior team members and advise cross-functional groups on secure design principles.
• Stay current on emerging threats and technologies to proactively strengthen defenses.

Qualifications and Skills

• Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's preferred).
• 7+ years of progressive experience in security engineering, architecture, or operations.
• Deep expertise in data protection, cloud security, email/DNS security, and identity management.
• Hands-on experience with Microsoft 365 security tools and email gateway platforms.
• Familiarity with DNS filtering and protection solutions.
• Proven success in leading awareness programs and advancing security maturity.
• Strong grasp of Zero Trust, vulnerability management, endpoint protection, and automation.
• Knowledge of security frameworks (NIST CSF, CIS Controls, ISO 27001, SOX).
• Experience with multi-cloud environments and DevSecOps practices.
• Scripting or automation skills (Python, PowerShell, Bash) preferred.
• Relevant certifications such as:
  • CISSP, CISM, GIAC
  • Microsoft Cybersecurity Architect Expert or Security Operations Analyst
  • AWS Security Specialty
  • CompTIA Security+, CySA+, CASP+
  • Azure Security Engineer Associate
• Excellent communication and leadership skills with the ability to influence across teams.