Freelance Cyber Defense Organization (CDO) Coordinator (ZZP)

Motivation letter based on the responsibilities is required

Job Profile: Cyber Defense Organization (CDO) coordinator

Position Overview:

The coordinator of Cyber Defense Organization (CDO) is responsible for designing, implementing, and evolving a robust internal cyber defense and response structure to protect the organization from cyber threats. This role will oversee the establishment and strategic development of a 2nd Tier Security Operations Center (SOC) focusing on incident response, along with related blue-team functions and setting up red-teaming, vulnerability management, attack surface management, and Cyber Security Incident Response Team (CSIRT) coordination. With a vision of maturing the organization into a fully functional, resilient Cyber Defense Organization, the ideal candidate will guide the expansion of capabilities through internal resources, external contractors, and managed security service providers (MSSPs).

As a result of the departure of some employees, there is currently a need for both quantitative and qualitative strengthening of the CDO. The coordinator will have to function as a hub in the web.

Key Responsibilities:

1. CDO Strategy and Vision Development:

- Develop and lead a multi-year roadmap for the Cyber Defense Organization, aligning with organizational risk tolerance, compliance requirements, and business objectives.

- Formulate strategies for setting up and expanding the CDO to a mature and fully operational state,continuously improving detection, response, and remediation capabilities.

2. SOC and Blue Team Operations:

- Oversee the establishment and management of a 2nd Tier SOC, with primary responsibilities in security monitoring, incident response, threat detection, and blue team operations.

- Integrate proactive red-teaming and vulnerability assessment capabilities to identify and mitigate internal and external threats effectively.

3. Vulnerability and Attack Surface Management:

- Develop, build and run frameworks and processes for continuous vulnerability scanning, assessment, and remediation that is focused and prioritized on our organisation’s specific needs.

- Guide the creation and evolution of attack surface management practices to minimize exposure and quickly respond to new threats.

- Coordinate penetration (or redteaming) testing on applications, network and infrastructures (IT and OT) to identify potential vulnerabilities and weaknesses.

4. CSIRT Coordination and Incident Management:

- Establish a centralized CSIRT coordination process to standardize and streamline incident handling and escalation procedures.

- Coordinate with cross-functional teams to ensure incidents are managed with an emphasis on speed, accuracy, and effectiveness.

5. Team Leadership and Development:

- Manage and coach the CDO team members. The CDO team is fairly junior, which means that as a coordinator you regularly have to roll up your sleeves.

- Lead the hiring, training, and professional development of the CDO team, ensuring roles are filled with skilled professionals.

- Evaluate and engage external resources (contractors, MSSPs) as necessary to augment internal capabilities.

6. Performance Measurement and Reporting:

- Develop key metrics and reporting frameworks to monitor the effectiveness of cyber defense activities and SOC performance.

- Regularly present CDO progress, challenges, and successes to executive leadership and stakeholders.