Cybersecurity Tech CoE Leader

4 days ago


Bengaluru, India Microland Limited Full time

At Microland, we do mission-critical work for great companies. We specialize in Cybersecurity solutions, Digital Transformation journey and business automation roadmaps.

Our Cybersecurity experts are results-obsessed, focused and flexible, highly engaged and hugely experienced. Those qualities are what make us different than old-school Information Security Operations Centers. And surely, they are why clients and partners describe us as the gold standard in client experience.

Microland has been recognized as the Key Challenger & Market leader in Cybersecurity business by several leading market research agencies. Therefore, we are also considered as The Partner of choice by our target customers due to our Nimble yet Customer-obsessed culture.

About this Role:

We are growing our Global Cybersecurity Business and seeking a Cybersecurity Center of Excellence (CoE) Leader to strengthen our Global Cybersecurity Delivery practice. Reporting to the Head of Technology Delivery, this role blends engineering, compliance, red/purple team leadership, and innovation, specifically focusing on SOC & Cloud Security practices, to help clients improve their cybersecurity posture.

This is a hands-on leadership role - you’ll be building capabilities, leading teams, engaging with clients, and shaping next-generation cybersecurity services.

Key Responsibilities

Innovation, Thought Leadership & Client Enablement
- Create cybersecurity innovations and technical solutions that address market/customer needs, opportunities, or problems.
- Create and deliver white papers, presentations and demos for client/prospect meetings, industry events, and conferences.
- Support CoE infrastructure, processes and knowledge management; demonstrate curiosity and a problem-solving mentality.
- Contribute to business-facing deliverables and thought leadership to support client engagements.

Assessments, Frameworks & Risk Evaluation
- Perform cybersecurity assessments using formal frameworks (FedRAMP, NIST, PCI, NIST CSF and equivalents).
- Conduct compliance readiness, vulnerability and risk assessments and evaluate technical security architecture and controls.
- Analyze and synthesize cyber and log information with other data sources; fuse computer network attack analyses with threat intelligence to evaluate and interpret risk.
- Conduct analysis on network traffic, large sets of logs and other security data for breach analysis.

Offensive Security - Red Team & Ethical Hacking
- Hands-on red teaming and ethical hacking across technologies (network, applications, mobile, embedded, ICS/SCADA, wired/wireless).
- Create red team attack scenarios focusing on weakest entry points, creative multi-method testing, stealth, pivoting, privilege escalation, and covert persistence.
- Execute social engineering, phishing, physical security testing and other human-element attacks.
- Stay on top of fast-changing red team TTPs and associated tools to deliver successful services.
- Design and deliver advanced offensive capabilities to identify new security solutions.

Defensive Understanding & Collaboration (Blue Team / SOC)
- Understand and work with defensive teams: Blue Team, SOC, monitoring and response (SIEM, IDS/IPS), EDR (including bypass techniques), and overall detection & indicator concepts.
- Create effective red team activities to test defensive controls (e.g., developing/using malware, pivoting, stealthy techniques) and help defenders improve.
- Collaborate with CIRC Team to perform “devil’s advocate” simulations against organizational detection and prevention capabilities.

Exercises, Simulations & Purple Teaming
- Create and design attack simulations: Tabletop Exercises, Attack Simulation Exercises, Blue-Red Team Exercises with intelligence-led tactics, techniques and procedures.
- Ensure gaps identified from simulations are remediated with assistance from the CIRC Team.
- Host quarterly Purple Team exercises to identify unknown gaps; collaborate with stakeholders to execute, document, curate and present results.

Incident Response, Forensics & Operations
- Perform client operations and incident response activities; utilize security technologies including SIEM, IDS and HBSS.
- Conduct DFIR and forensic investigations and integrate findings into broader threat analysis and remediation actions.

Vulnerability Validation & Remediation
- Validate and propose solutions for public Proof-of-Concept Remote Code Execution exploits; determine risk and impact to the organisation.
- Proactively identify remediation and patching courses of action and work with responsible teams to implement fixes.

Labs, Tooling & Research
- Organize and manage the Microland AG Hackers Lab in APAC, including creating hacking workbenches for department use.
- Keep up to date with the most recent hacking tools and frameworks; explore functionality and proactively identify detection gaps with the CIRC Team.
- Be comfortable learning and adopting new OS, tools, development languages and online technologies.

Cloud, IAM & Third-Party Tools
- Knowledge of public cloud security services (VPC, data encryption, public/private key security, etc.).
- Ability to architect and engineer cybersecurity methodologies and frameworks for AWS, Azure and GCP.
- Knowledge of Identity & Access Management tools (SailPoint, Ping, or similar).
- Understanding and use of third-party security tools such as RSA, McAfee, Splunk, etc.

Communication, Leadership & Mentoring
- Strong communication skills and ability to work with all stakeholders (internal and external), advise and implement the best solutions.
- Leadership and teamwork mentality: mentor colleagues, help them develop, and improve team capabilities.
- Maintain a hands-on mentality while providing strategic leadership and capability building.

Skills & Technical Expertise
- Red & Purple Teaming, Phishing, Social Engineering, AppSec, Infosec, Penetration Testing (Pentest)
- TTPs, Threat Analysis, Threat Modeling, EDR, SOC, SIEM, IDS/IPS
- Forensic Investigation, DFIR, Networks/Systems/Applications, IOCs, IOAs
- Malware development, Malware analysis, Reconnaissance, Weaponization, Delivery, Exploitation, C2 (Command & Control), Lateral Movement
- Ethical Hacking, Web Application Security, Mobile Security, Device Testing
- Tools & scanners: Burp, Nessus, Nmap, Ncat (and equivalents)
- Scripting and platforms: Linux, Windows, OSX; various scripting/development languages and automation tools
- Certifications/skills referenced: OSCP, OSCE, GPEN, GXPN, GMON (and equivalent practitioner skills)

Qualifications:
- 12+ years experience in security operations or analytical roles, preferably in enterprise environments.
- Strong knowledge of infrastructure security, vulnerability management, risk assessments, and cybersecurity policy development.
- Understanding of IT/security controls, compliance readiness, and technical security architecture/design/implementation.
- At least one recognized certification (CISSP, CEH, CCSP, GSEC, GIAC, etc.); experience with SIEM and SOAR platforms preferred.
- Experience working in Agile environments with excellent leadership, team management, and communication skills.
- Ability to work independently, mentor teams, and contribute to business development/sales opportunities in cybersecurity.
- Entrepreneurial mindset with interest in helping grow and scale business practices.
- Bachelor’s degree in computer engineering, cybersecurity or related field is required.
- Management consulting experience is preferred.
- Willingness to travel up to 20%.


