Role Purpose:
As a Cybersecurity Manager your primary purpose is to safeguard the organization’s information systems by planning, implementing, and overseeing security measures. This role is critical in ensuring the confidentiality, integrity, and availability of the company's data assets. The Cybersecurity Manager is responsible for identifying potential threats, managing security incidents, and developing comprehensive security policies and procedures.
Accountabilities:
- Establish Cybersecurity practice with policy and processes.
- Deploy / Fine-tune existing and new Cybersecurity technologies and optimize to specific business use-case.
- Keep track of the latest trends in cybersecurity & establish Advisory Practice group wide.
- Use existing tool sets and others to identify targeted attacks. Be fully aware of how to use the Mitre Framework use the D3fend framework to map internal controls.
- Establish Third-party Risk Framework
- Ensure adhering to CIS controls v8, NIST & other local frameworks organization wide.
- Conduct interactive Security Awareness Workshops.
- Evaluate current licenses and subscriptions specific to Cybersecurity and possibly achieve cost saves.
- Fine-tune / re-evaluate Email Security Gateway and Cloud Security solutions and processes.
- Deploy and fine-tune Microsoft Autopilot
- Ensuring compliance with the organizations policies, procedures, and industry best practices.
- Establish and maintain data classification policies and standards, ensuring organization-wide adherence and compliance with regulatory requirements.
- Deploy, configure, and monitor Data Loss Prevention (DLP) tools and technologies to protect sensitive data and respond to potential breaches or policy violations.
- Collaborate with the SOC team to respond promptly to security incidents and proactively monitor systems for potential threats.
- Lead the development and implementation of comprehensive cybersecurity strategies, focusing on IT security architecture and alignment with business objectives.
- Conduct security incident response investigations, participate in post-incident analysis, and integrate security solutions with cross-functional teams.
- Develop and maintain documentation related to cybersecurity policies, procedures, and architecture designs, ensuring effective communication of security risks and mitigation strategies.
- Mentor and train new team members on the latest cybersecurity technologies and methodologies, fostering a culture of continuous improvement in cybersecurity practices and awareness.
Education & Qualification
- Bachelor’s degree in information security, Computer Science, Information Technology, or a related field.
- 6+ years of experience in Cyber Security, with a focus on Threat Detection, Incident Response, and Vulnerability Management.
- Strong understanding of cyber security frameworks, standards, and best practices (e.g., NIST, ISO 27001, CIS Controls).
- Proficiency with security tools and technologies such as SIEM, IDS/IPS, firewalls, and endpoint protection solutions.
- Experience with scripting and automation tools (e.g., Python, PowerShell) for security operations.
- Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
- Strong communication skills, with the ability to convey complex security concepts to non-technical stakeholders.
- Relevant certifications such as OSCP, CEH, CISSP, CISM, CISA or GIAC are highly desirable.
Preferred Qualifications
- Master’s degree in cyber security or a related field.
- Experience with Cloud Security (e.g., AWS, Azure, Google Cloud Platform).
- Knowledge of advanced threat detection techniques, including machine learning and artificial intelligence.
- Familiarity with DevSecOps practices and secure software development lifecycle (SDLC) methodologies.
- Experience with regulatory compliance and data privacy laws in different regions.
Knowledge & Skills
- In-depth knowledge of Cybersecurity Risks, Threats, and Adversaries/APT’s
- In-depth knowledge of how to use Threat Intelligence for proactive defense
- Strong analytical and critical thinking skills to identify and analyze security threats.
- Proficient in using security information and event management (SIEM) tools.
- Skilled in conducting forensic analysis and incident response.
- Ability to stay updated with the latest cyber security trends, threat intelligence, and regulatory requirements.
- Excellent communication and teamwork skills to collaborate effectively with cross-functional teams.