Principal Accountabilities
Strategy and Policy Development & Implementation
- Develop and implement comprehensive cybersecurity strategies and policies aligned with organizational goals. Ensure that these policies are regularly reviewed and updated to address emerging threats, technologies, and regulatory changes.
Risk Management and Assessment
- Identify, assess, and prioritize cybersecurity risks across the organization. Implement risk mitigation strategies and ensure regular risk assessments are conducted to maintain an effective security posture.
Security Operations and Monitoring
- Oversee day-to-day security operations, including continuous monitoring of systems, networks, and applications for potential threats. Utilize advanced security tools and threat intelligence to detect and respond to suspicious activities proactively.
Incident Response and Management
- Lead the organization’s response to security incidents, ensuring swift containment, investigation, and remediation. Establish and maintain incident response plans and conduct regular drills to ensure readiness.
Compliance and Governance
- Ensure compliance with relevant legal, regulatory, and industry standards such as ISO 27001, GDPR, or HIPAA. Develop governance frameworks to support secure and accountable information systems management.
Team Leadership and Management
- Provide leadership and direction to the cybersecurity team, including hiring, mentoring, and performance management. Foster a culture of collaboration, accountability, and continuous learning within the team.
Security Awareness and Training
- Design and implement organization-wide security awareness programs to educate employees on security best practices, policies, and procedures. Conduct regular training sessions to reduce human-related security risks.
Vendor Risk Management
- Assess and manage the cybersecurity risks associated with third-party vendors and partners. Establish security requirements for vendors and conduct periodic audits to ensure compliance.
Communication and Reporting
- Maintain clear and effective communication with stakeholders, including executive leadership and technical teams. Prepare and present regular reports on cybersecurity metrics, incidents, risks, and compliance status.
Continuous Improvement
- Promote a culture of continuous improvement by regularly evaluating and enhancing cybersecurity processes, tools, and policies. Stay updated with the latest security trends and technologies to ensure the organization remains resilient against evolving threats.
Educational Qualifications & Certifications
- Bachelor’s Degree in Engineering (preferably Computer Science or Information Science), or equivalent
Relevant Experience
- Minimum 12 years of related work experience, of which 04 years in leadership and management.
Competencies
- Broad Cybersecurity Knowledge
- Risk Management and Assessment
- Strategic Thinking
- Vision and Planning
- Team Leadership
- Decision-Making
- Problem-Solving