Corporate Cybersecurity Manager

About The Position

Requirements

• Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field. Relevant certifications such as CISSP, CISM or equivalent preferred.
• Experience: At least 5 to 7 years of hands-on experience in a cyber security role, with a minimum of 2 years in a managerial position.
• Technical Skills: Hands-on experience and proficiency in security tools and technologies (e.g., SIEM/ XDR, EDR, scanning tools, zero trust architecture, python etc.) and familiarity with various operating systems and networking protocols.
• Analytical Skills & Attention to Detail: Strong analytical and problem-solving skills to identify and address complex security issues along with attention to detail to ensure accuracy and thoroughness.
• Communication Skills: Excellent verbal and written communication skills to effectively convey security concepts to non-technical stakeholders.
• Leadership: Proven leadership abilities to manage a team of security professionals.

Responsibilities

• Develop and Implement Security Policies: Design and enforce security policies, procedures, and standards to safeguard digital information.
• Governance, Risk & Compliance: Ensure that the organization adheres to relevant laws, regulations, and industry standards. This includes conducting regular risk assessments, implementing risk mitigation strategies, and ensuring compliance with standards such as PCI, GDPR, ISO27001, SOC2 and NIST.
• Security Operations: Oversee 24*7 security operations center (SOC) to monitor, detect, and respond to security incidents in real-time.
• Incident Response: Lead incident response to quickly and effectively address security incidents.
• Security Analytics and Reporting: Implement advanced security analytics leveraging AI / ML and big data technologies. Prepare detailed reports on system hygiene, security incidents and risks for senior management.
• Vulnerability Management: Conduct regular vulnerability assessments, threat hunts, penetration tests to identify and mitigate potential threats and weaknesses.
• Cloud Security: Implement robust cloud security measures to protect data and applications hosted in cloud environments.
• Network Security: Implement robust network security measures including zero trust network architecture, and regular network security assessments.
• Identity & Access Controls: Implement strict controls to ensure that only authorized personnel have access to sensitive information and systems.
• Data Protection: Develop and manage a comprehensive data protection program.
• Application Security: Ensure that all applications are developed with security best practices in mind, including secure coding, regular security testing, and vulnerability assessments.
• Security Awareness Training: Develop training programs to educate employees about information security best practices.
• Vendor Management: Manage relationships with external security vendors and service providers. Conduct third party vendor evaluations and audits as necessary.
• Collaboration: Work with other departments and stakeholders to integrate security measures into all organizational processes.

Benefits

• Health insurance
• Retirement plans
• Paid time off
• Opportunities for professional development and growth within the company