Lead, Group Cyber Security Operations

At First Quantum, we free the talent of our people by taking a very different approach which is underpinned by a very different, very definite culture – the “First Quantum Way”.

Working with us is not like working anywhere else, which is why we recruit people who will take a bolder, smarter approach to spot opportunities, solve problems and deliver results.

Our culture is all about encouraging you to think independently and to challenge convention to deliver the best result. That’s how we continue to achieve extraordinary things in extraordinary locations.

Job description:

Company Description

First Quantum Minerals is a leading Canadian-based global mining & metals company focused on the production of copper, nickel, gold & cobalt. As a company, we strive for continuous excellence and after 25 years of operations we are now one of the world’s top 10 copper producers, exporting millions of tonnes of concentrate from multiple countries to customers worldwide. Our operations and future developments span across Africa, Europe, the Middle East, Australia and the Americas, and we are globally recognised for our specialist technical, engineering, construction and operational skills, which allow us to unlock value from complex mineral projects and deliver rewarding careers for our people, returns for our shareholders and sustainable development for the many local communities that host our operations. As we expand our operations, continue to provide metals to build the modern world and shift to a low carbon, greener economy in the years ahead, our mining projects will continue to require the best and the brightest talent to help us solve the emerging challenges of our time, shape our business and unlock opportunities for our future.

Job Description

Although our production and financial results are the engine that drives our business, it is the depth of capability in our people that will continue to determine First Quantum’s ongoing success. Reporting to the Group Information Security Manager of our Information Security & Technology Risk division, the Group Cyber Security Operations Lead will be responsible for managing and leading the day-to-day Cyber Security Operations to ensure the protection of the Company’s information assets across IT & OT environments. This role will oversee the operational effectiveness of security technologies, incident response capabilities, and vendor performance while driving continuous improvement, automation, and operational efficiency within the security operations function. The role will require working collaboratively across the whole Group and all functions to improve the maturity of security operational effectiveness. In addition, will drive increased organisational operational security effectiveness through a generosity and openness of expertise and experiences. The role with also work with the wider Security and ICT teams to identify, propose and create applicable new service offerings to reduce risk across the First Quantum landscape.

Key Responsibilities:

The Group Cyber Security Operations Lead’s general accountabilities include, but are not limited to, the below:

Operational Management:

• Oversee daily cyber security operations, including the performance and effectiveness of the Managed Security Operations Center (SOC) service.

• Manage and track security-related tickets and incidents related to security technologies and services (e.g., firewalls, endpoint protection, etc.).

• Conduct root cause analysis of security tickets to identify patterns, reduce noise, and address repeat incidents.

• Enhance automation and efficiency in ticket resolution processes to improve overall response times and quality.

Incident Response:

• Establish and maintain a robust incident response framework, ensuring rapid containment and mitigation of security incidents.

• Collaborate with internal and external stakeholders, including regulators, legal teams, and law enforcement, for incident resolution and compliance.

• Ensure capabilities are in place to detect, contain, and remediate cyber threats.

• Support local teams across sites in improving incident response practices and building on-site capabilities.

• Lead tabletop exercises and simulations to test and enhance the Company’s readiness for cyber incidents.

Ticket and Queue Management:

• Oversee the security team’s ticketing queues, ensuring timely triage, escalation, and resolution of all security-related incidents and service requests.

• Drive operational excellence by tracking metrics, reporting performance, and ensuring SLA adherence for all security tickets.

Vulnerability Management & Threat Intelligence:

• Implement and manage a comprehensive vulnerability management program, designed to ensure timely patching and risk mitigation.

• Lead threat intelligence initiatives to proactively identify and respond to emerging cyber threats targeting the mining industry.

• Work with stakeholder teams to remediate vulnerabilities across IT and OT environments.

Collaboration and Process Improvement:

• Work closely with Managed Services to design, build, and refine playbooks and workflows to address emerging risks and threats.

• Partner with internal stakeholders and vendors to ensure alignment of security operations with business needs and security objectives.

• Foster a culture of continuous improvement by identifying areas for operational optimisation and skill enhancement within the security team.

• Work with the Group Manager, Information Security to ensure that the program meets the needs of the business and complies with all relevant regulations.

• Identify education and training needs, within the team and across the organisation.

• Educate and influence senior leadership.

Generic:

• Monitor compliance with internal policies.

• Respond to audit findings and implement remediation measures.

• Contribute to the IT security roadmap and planning thereof.

• Maintain up to date knowledge of security threats, counter measures and vendor capabilities.

• Deliver capabilities aligned to First Quantum’s Information Security Standards.

• Support the development of security maturity across the organisation.

Qualifications:

• A graduate qualification in Information Security, Computer Science, or Engineering is highly regarded as well as additional current security certifications.

Experience & Technical Skills Required:

• A minimum of 5 years’ experience working within Security Operations.

• Proven experience in leading security operations or a similar role within an enterprise environment.

• Strong understanding of cyber security technologies and services, including SOC operations, SIEM tools, EDR solutions, firewalls, and cloud security.

• Hands-on experience with incident response processes, root cause analysis, and operational management of security tickets.

• Knowledge of automation tools and processes to streamline security operations.

• Excellent communication and leadership skills with the ability to manage and inspire cross-functional teams.

• Proficiency with documenting design, technical decisions and recommendations

• Ability to operate in a global, matrixed enterprise environment

Desirable:

• Certifications such as CISSP, CISM, or equivalent.

• Experience with Managed Security Service Providers (MSSPs).

• Familiarity with frameworks such as NIST CSF, ISO 27001, or MITRE ATT&CK.

• Experience in playbook development and scripting (e.g., SOAR platforms).

Behavioural Traits Required:

• Ability to work under pressure in a sometimes-stressful environment with little supervision

• Strong stakeholder management skills to work collaboratively with diverse teams.

• A results-oriented mindset with a focus on achieving operational excellence.

• Excellent communication skills, both verbal and written, to an audience of senior management as well as other stakeholders.

• Flexible and adaptable – capable of changing direction when required and flexible to meet new demands.

• Multi-tasking – can manage several concurrent projects and prioritise demands.

• Can make decisions that are well informed and timely.

• Self-starter, with ability to progress work without significant need for support from senior colleagues.

• Solve problems collaboratively.

• Promote innovation, desired values and ways of working.

• Be boundaryless and share knowledge to improve the wider team capability.

Other Requirements:

• Candidates must have the right to work in the applicable region without visa sponsorship.

• Willingness to work and travel across FQM’s operations and locations worldwide.

• Fluency in English is required. Proficiency in other languages highly regarded.

Additional Information

First Quantum Benefits:

A dynamic, challenging and extraordinary working environment where safety is a number one priority.

Opportunity to develop within a growing company that is currently one of the world's top 10 copper producers.

Highly competitive base compensation & financial incentives (discretionary bonuses & Long-term share plan).

Leave options aligned with local market best practice.

Performance over presence culture & flexible working environment as per business requirements.

Diversity & Inclusion:

At FQM, while at the beginning of our D&I journey, we are committed to embedding the principles of diversity and inclusion into our culture, company and practices with the aim of ensuring an environment of equity irrespective of race, gender age, religion, identity or experience.

Office or Operation’s Location: Cape Town (Hybrid working with 3 days office based)

Visit our website and register for instant job alerts at careers.first-quantum.com

Follow us for the latest news at LinkedIn

If you are already a First Quantum employee and have access to the First Quantum network, log into First Quantum MINE > Careers to apply internally for this opportunity.

If you are an employee without network access, contact your Site Recruiter.