Expert Cybersecurity Leader

Senior Cyber Security Leader

We seek an accomplished Senior Cyber Security professional to advance our cybersecurity strategy, lead critical initiatives, and safeguard our technology ecosystem.

Key Responsibilities:

• Provide authoritative guidance on cybersecurity projects, ensuring timely completion and ongoing maintenance of security operations.
• Ensure that cyber incidents are promptly addressed and remediations are executed according to service level agreements (SLAs).

Cyber Technical Expertise:

• Act as the primary technical point of escalation for all security-related matters.
• Lead the implementation of cybersecurity best practices within projects and guide key stakeholders on security architecture best practices.
• Review and implement security policy and configurations, ensuring compliance with industry frameworks like CIS, SIEM, Palo Alto Firewalls, and more.

Cyber Governance & Operations Management:

• Conduct thorough risk assessments to identify and mitigate internal and external security threats.
• Oversee outsourced security operations, ensuring SLAs and KPIs are met.
• Implement advanced cyber hardening techniques and continuously monitor security measures for IT and OT systems.
• Ensure all security tools are configured according to best practices and managed throughout their lifecycle.

Incident Response, Problem Management & Change Control:

• Lead rapid response and investigation into security incidents, ensuring effective mitigation measures are taken to minimize impact.
• Manage changes to security configurations, policies, and procedures, ensuring minimal disruption to ongoing operations and project lifecycles.

Cyber Supply Chain Risk Management & Vendor Oversight:

• Manage third-party vendors and partners providing security services or solutions, ensuring compliance with agreed security standards.
• Monitor and manage cybersecurity risks associated with external vendors throughout the lifecycle.

Security Strategy Development & Compliance:

• Develop and implement a comprehensive NIST-based cybersecurity strategy, ensuring alignment with organizational goals.
• Conduct ongoing monitoring of security events and ensure timely, effective responses to emerging threats.
• Oversee security and compliance audits, ensuring that internal policies and external regulations are met.

Information Security Governance:

• Develop and enforce information security policies and standards that govern the confidentiality, integrity, and availability of organizational data.
• Establish and implement data classification and security protocols across the business.
• Manage the security of on-premises and cloud environments (Azure).
• Ensure proper implementation of network segmentation, VPN security, and Zero Trust models.
• Maintain and refine cloud security policies and standards for Azure.

Business Continuity & Disaster Recovery Planning:

• Ensure that business continuity and disaster recovery plans incorporate appropriate security measures.
• Lead the testing of the Business Continuity Plan (BCP) and Disaster Recovery (DR) strategies to ensure business functions are protected in case of cyber incidents.
• Drive the implementation and improvement of cybersecurity processes and procedures.
• Ensure the continuous updating and sharing of security knowledge, best practices, and compliance standards across the organization.
• Lead ongoing improvements to security processes, ensuring they evolve in line with changing regulations and industry best practices.

For success in this role, you will have:

• Experience: 10-15 years of experience in cybersecurity or information security roles, including network security and system security.
• Significant experience in cybersecurity governance, risk management, and compliance.
• Proven expertise in developing and implementing security control assurance programs and supply chain risk assessment frameworks.
• Certifications: CISSP, CISM, or other security certifications are highly desirable.
• Knowledge of and certification in the SABSA Framework is a plus.
• Solid understanding of security management frameworks such as ISO27001, NIST, ASD, and other related security standards.
• Strong understanding of networking protocols and system security protocols.
• Familiarity with cloud environments (specifically Azure) and network security (e.g., VPN, Zero Trust).

We offer a range of employee benefits, including flexible working arrangements, competitive remuneration based on skills and experience, purchased additional annual leave, health and wellbeing initiatives, and staff discounts and rewards program.

---