Head of IT Service and security operations Department

We are seeking a high-level Head of IT Service and security operations Department to advise and support the continuous improvement of our both IT operations and IT Service/Security teams. This role combines leadership and mature management, technical oversight, strategic process design, and operational coordination across key tools and workflows, process and human resources. You will act as an manager of technical bridge across IT, security, and service management domains.

The main responsibilities for the position are:

·High level management of the 2 unit /”It operations” and “System and secure operations units”, ~ 23 person/ under the Infrastructure directorate in Eurobank Bulgaria – Postbank.

·Provides leadership, coaching and direction to the Operations services teams. Fosters a business service-oriented culture and mind-set driven by a focus on high availability, system resilience, continuous improvement, security and cost effectiveness;

·Management of strategic input on monitoring strategy, security event handling, and operational maturity.

·Managing the processes for the continuous monitoring of security and/or system events and incidents.

·Lead the operations tasks with analyze and respond to cybersecurity threats and vulnerabilities.

·Coordinate incident response activities and manage security breaches.

·Conduct in-depth Threat Intelligence analysis of threat data.

·Identify and mitigate potential security risks.

·Manage and maintain security tools and technologies.

·Monitor the performance and effectiveness of security systems.

·Lead the Bank to mature department with high goals for аutomating routine tasks and streamlining workflows as Security Orchestration, Automation, and Response (SOAR) team.

·Support tool governance, platform lifecycle discussions, and risk-aligned monitoring practices.

·Provide administrative support to the Team Lead

·Assist in defining process improvements and maintaining regulatory or internal control alignment.

·Facilitate knowledge transfer, documentation standardization, and operational scaling efforts.

Our requirements (Fundamentals):

·Experience: Minimum of 5+ years of leadership and management experience in cybersecurity or security operations with proven track record in managing security incidents and threat analysis.

·Significant experience in IT service management, security operations, or infrastructure monitoring.

·Previous involvement in platform optimization, cross-team alignment, or monitoring architecture.

·Demonstrated ability to operate across departments and influence decisions with data and logic.

·Familiarity with enterprise-grade monitoring, detection, and incident handling tools.

·Strategic communication and documentation capabilities, with a process-oriented mindset.

·Network & Security Skills: Strong knowledge understanding of networking protocols (TCP/IP) and security solutions like firewalls, IDS/IPS systems, and VPNs3.

·SIEM Expertise: configure correlation rules, build dashboards, and manage alerts

·Incident Response: techniques for identifying, isolating, and mitigating security incidents.

·Bachelor’s degree in computer science, Information Security, or a related field.

·Advanced certifications such as CISSP, CISM, or CEH are highly desirable.

Advantage (Considered as a Plus):

·Experience advising or leading multi-platform monitoring environments. / Web application firewalls, IPS/IDS, Antispam solutions, EDR and XDR solutions.

·Tool governance and risk alignment knowledge (e.g., IT controls, audit readiness).

·Familiarity with enterprise frameworks (e.g., ITIL, NIST, MITRE ATT&CK).

·Advanced certifications such as CISSP, CISM, or CEH is highly desirable.

·SANS Institute Certifications-Council’s SOC Essentials Course (S|CE), Splunk Architect, Microsoft Azure Security Engineer.

·It or security experience in financial institutions.

We offer:

·A strategic role with influence on platform governance and operational roadmap.

·Opportunities to shape cross-functional detection and response practices.

·Engagement in coordination, advisory, and improvement-focused initiatives.

·A mature environment that values critical thinking, depth, and systemic insight.