Key Result Responsibilities

Strategic & Governance

• Develop and implement the organization’s cyber security roadmap aligned with business and regulatory requirements.
• Establish security policies, standards, and procedures across infrastructure, cloud, and application environments.
• Collaborate with the Manager of Cloud & Infrastructure Services or Technology Infrastructure Manager to embed security into system and network architecture.
• Manage security budgets, vendor relationships, and third-party risk assessments.
• Ensure compliance with standards such as ISO 27001, NIST, GDPR, HIPAA, or local regulatory requirements.

Operational Security

• Oversee Security Operations Centre (SOC) activities, including monitoring, threat detection, and incident response.
• Manage vulnerability assessments, penetration testing, and remediation plans.
• Implement and maintain security controls for servers, networks, cloud services, Kubernetes, and databases.
• Lead incident response and forensic investigations, ensuring timely resolution and root cause analysis.
• Ensure strong identity and access management (IAM), privilege escalation control, and zero-trust practices.

Key Result Responsibilities-Continued

Risk Management & Assurance

• Conduct regular risk assessments and security audits across IT infrastructure and applications.
• Manage enterprise endpoint protection, intrusion detection/prevention (IDS/IPS), and SIEM platforms.
• Drive awareness and training programs to promote a strong cyber security culture across the organization.
• Oversee data protection measures, encryption standards, and backup/recovery procedures.

Team Leadership

• Lead and mentor a dedicated cyber security team including analysts, engineers, and incident responders.
• Define KPIs and success metrics for cyber defence and resilience.
• Provide continuous skill development to stay ahead of evolving threats and technologies.

People Management:

• Provides direction, coaching and guidance to team members for their career and professional development.
• Creates a conducive working environment to build and sustain a performance driven, engaged, and committed team.
• Ensures people management responsibilities are handled effectively in line with company procedures.

Qualifications (Academic, training, languages)

• Bachelor’s degree in cyber security, Information Technology, or related field (master’s preferred).
• CISSP, CISM, CISA, CEH, CCSP, or equivalent industry certifications.
• Cloud security certifications (AWS Security Specialty, Azure Security Engineer, Oracle Security).
• Kubernetes Security Specialist (CKS) is a plus.
• Fluent in English Language
• Strong background securing Windows/Linux servers, cloud (AWS, Azure, Oracle), and enterprise networks.
• Knowledge of enterprise databases (Oracle, PostgreSQL, MSSQL, MySQL, CouchDB) and their security best practices.
• Excellent communication and stakeholder engagement skills.

Work Experience

• With 8+ years of IT security experience, with at least 3+ years in a managerial role. 
• Hands-on experience with Kubernetes security, container hardening, and cloud-native security tools.
• Proven track record in leading incident response and crisis management.