Lead- Cyber Security

Key Responsibilities:

1. Security Operations: 

- Monitor network traffic for unusual activity and potential threats using security tools and technologies. 

- Investigate and respond to security incidents, including data breaches, malware infections, and other cyber-attacks. 

- Conduct vulnerability assessments and penetration testing to identify and address security weaknesses. 

- Guard all company data, particularly sensitive information, from both internal and external threats by designing broad defenses against would-be intruders.

- Stay up to date with the latest industry best practices and technologies. Maintain knowledge of current cybercrime tactics.

2. Security Management: 

- Develop, implement, and maintain security policies, procedures, and standards to ensure compliance with industry best practices and regulatory requirements. 

- Manage and configure security solutions such as firewalls, antivirus software, intrusion detection/prevention systems (IDS/IPS), and encryption tools. 

- Perform regular security audits and risk assessments to evaluate the effectiveness of security measures and identify areas for improvement.

3. Incident Response: 

- Create and maintain an incident response plan and lead the response efforts during security incidents. 

- Coordinate with internal and external stakeholders to manage and resolve security incidents. 

- Conduct post-incident analysis to determine the root cause and implement measures to prevent future occurrences. 

4. Security Awareness and Training: 

- Develop and deliver security awareness training programs to educate employees on security best practices and emerging threats. 

- Stay updated on the latest security trends, threats, and technology solutions to keep the organization’s security posture current. 

5. Compliance and Governance:

- Ensure compliance with relevant laws, regulations, and standards (e.g., GDPR, HIPAA, PCI-DSS, ISO 27001). 

- Prepare and maintain documentation required for compliance audits and assessments. 

- Assist in the development and maintenance of business continuity and disaster recovery plans. 

Qualifications: 

- Bachelor’s degree in Computer Science, Information Security, or a related field. 

- Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable. 

- Minimum of 7 t0 10  years of experience in cybersecurity or a related field. 

Skills and Competencies: 

Technical Skills:

- Proficient in using security tools and technologies such as SIEM, IDS/IPS, firewalls, and endpoint protection. 

- Strong understanding of network protocols, operating systems, and database security. 

- Experience with vulnerability assessment and penetration testing tools. 

- Strong abilities in critical thinking, problem-solving, logic, and forensics.

Analytical Skills:

- Ability to analyze security data and logs to identify trends and potential threats. 

- Strong problem-solving skills to address and mitigate security incidents. 

Communication Skills:

- Excellent verbal and written communication skills to articulate security concepts and findings to technical and non-technical stakeholders. 

- Ability to create clear and concise security documentation and reports. 

Interpersonal Skills:

- Strong teamwork and collaboration skills to work effectively with cross-functional teams. 

- Ability to handle high-pressure situations and manage multiple tasks simultaneously.