About the Role: The position centers on designing, implementing, and maintaining the organization's cybersecurity architecture; ensuring the confidentiality, integrity, and availability of all IT systems, applications, and data; and managing and optimizing intrusion detection/prevention systems, firewalls, endpoint protection, and SIEM tools.
Responsibilities:
- Implement security controls such as multi-factor authentication (MFA), role-based access control (RBAC), and least privilege principles.
- Manage user access controls, authentication mechanisms, and regular access audits to prevent unauthorized activities.
- Supervise daily security operations including monitoring, detection, and response to cyber threats.
- Oversee Security Operations Center (SOC) performance, ensuring timely escalation and resolution of incidents.
- Monitor network traffic, system logs, and alerts to detect suspicious or malicious activity.
- Stay current with emerging cybersecurity threats and implement proactive measures to mitigate risks.
- Develop and maintain cybersecurity incident response plans and procedures.
- Lead response efforts to contain and mitigate incidents in coordination with cross-functional teams.
- Conduct root-cause analysis and prepare detailed incident reports with corrective recommendations.
- Coordinate with IT infrastructure teams to close vulnerabilities and prevent recurrence.
- Engage external partners (e.g., law enforcement or cybersecurity vendors) when necessary.
- Conduct vulnerability assessments and penetration testing to identify and prioritize weaknesses.
- Support enterprise risk assessment and vulnerability management programs.
- Ensure compliance with relevant cybersecurity regulations and frameworks (e.g., NCA, ISO 27001, NIST, GDPR, HIPAA).
- Conduct regular audits and assessments to verify adherence to policies and procedures.
- Prepare and maintain documentation required for audits and certifications.
- Monitor and report on overall compliance status and exceptions.
- Develop, implement, and enforce cybersecurity policies, standards, and procedures across departments.
- Regularly review and update policies in alignment with new threats, technologies, and regulatory changes.
- Ensure that systems and processes follow approved security configurations and baselines.
- Develop and deliver cybersecurity awareness training and phishing simulations for employees.
- Provide technical guidance and mentorship to IT and security teams.
- Offer security advice and support to employees on day-to-day issues and concerns.
- Foster a culture of security awareness across the organization.
- Supervise cybersecurity analysts and technicians, assigning tasks and evaluating performance.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 6-8 years of experience in cybersecurity, including experience leading a team.
Skills & Competencies:
- Strong understanding of cybersecurity principles, technologies, and best practices.
- Experience with cybersecurity tools and technologies, such as firewalls, SIEM, IDS/IPS, endpoint protection, and DLP.
- Knowledge of NCA controls and local cybersecurity frameworks.
- Knowledge of network protocols, operating systems, and cloud computing environments.
- Certifications such as CISSP, CISA, CEH, or CompTIA Security+ are highly desirable.
- Excellent analytical, problem-solving, and communication skills.
- Familiarity with cloud and hybrid environments.
- Ability to work effectively in a fast-paced environment and prioritize tasks based on risk and impact.