Head of IT Service and Security Operations Department

Role Overview

The Head of IT Service and Security Operations Department plays a pivotal role in advancing and supporting the ongoing improvement of both IT Service Operations and IT Security Operations teams. This position demands a blend of strong leadership and experienced management, ensuring seamless technical oversight and strategic direction. The successful candidate will be responsible for designing and refining key operational processes, coordinating efforts across essential tools, workflows, and personnel, and ensuring that all activities align with organizational goals. By serving as a manager who bridges the IT, Security, and Service management domains, this role is critical for integrating processes and fostering effective collaboration across departments and ensuring alignment with industry standards and national laws.

The main responsibilities for the position are:

• Oversaw both IT Operations and IT Service & Security Operations, managing approximately 23 people within the Infrastructure Directorate at Eurobank Bulgaria – Postbank.

• Leads and coaches Operations teams, promoting a service-oriented culture focused on high availability, resilience, improvement, security, and cost efficiency.

• Management of strategic input on monitoring scope, technologies, strategy, security event handling, and operational maturity.

• Managing the processes for the continuous monitoring of security and/or system events and incidents.

• Lead the operations tasks, analyze and respond proactively to cybersecurity threats and vulnerabilities enhancing the current methods introducing holistic approaches.

• Coordinate incident response activities and manage potential security breaches and potential security risks.

• Conduct in-depth Threat Intelligence analysis of threat data.

• Manage and maintain security tools and technologies.

• Oversee security systems and methodologies to ensure compliance with laws, regulations, industry standards, and best practices.

• Lead the Bank to mature department with high goals for automating routine tasks and streamlining workflows such as Security Orchestration, Automation, and Response (SOAR).

• Support tool governance, platform lifecycle discussions, and risk-aligned monitoring practices.

• Provide hands on support and guidance to the Direct Reports.

• Assist in defining process improvements and maintaining regulatory or internal control alignment.

• Facilitate knowledge transfer, documentation standardization, and operational scaling efforts.

Our requirements (Fundamentals):

• Experience: Minimum of 5+ years of leadership and management experience in cybersecurity or security operations with proven track record in managing security incidents and threat analysis.

• Significant experience in IT service management, security operations, or infrastructure monitoring.

• Previous involvement in platform optimization, cross-team alignment, or monitoring architecture.

• Demonstrated ability to operate across departments and influence decisions with data and logic.

• Familiarity with enterprise-grade monitoring, detection, and incident handling tools.

• Strategic communication and documentation capabilities, with a process-oriented mindset.

• Network & Security Skills: Strong knowledge understanding of networking protocols (TCP/IP) and security solutions like firewalls, IDS/IPS systems, and VPNs3.

• SIEM Expertise: configure correlation rules, build dashboards, and manage alerts

• Incident Response: techniques for identifying, isolating, and mitigating security incidents.

• Bachelor’s degree in computer science, Information Security, or related field.

• Advanced certifications such as CISSP, CISM, CCISO, or CEH are highly desirable.

• Experience in Implementation of frameworks and industry standards (ITIL, NIST, MITRE ATT&CK, DORA, NIS 2).

Advantage (Considered as a Plus):

• Experience advising or leading multi-platform monitoring environments. / Web application firewalls, IPS/IDS, Antispam solutions, EDR and XDR solutions.

• Tool governance and risk alignment knowledge (e.g., IT controls, audit readiness).

• SANS Institute Certifications, GIAC GSOM, Advanced Microsoft Azure Security Certifications.

• Development and leading of IT Operations/Security Operations teams in financial institutions.

We offer:

• A strategic role with influence on platform governance and operational roadmap.

• Opportunities to shape cross-functional detection and response practices.

• Engagement in coordination, advisory, and improvement-focused initia tives.

• A mature environment that values critical thinking, depth, and systemic insight.

Information regarding the processing of personal data is provided via our Privacy Statement 20180529-PB-A4-Uvedomlenie-GDPR-kandidati.pdf (postbank.bg)https://www.postbank.bg/-/media/Postbank/files/GDPR/20180529-PB-A4-Uvedomlenie-GDPR-kandidati.pdf