Responsibilities 

Security Architecture, Design and Integration

• Design, architect, and implement security systems, ensuring alignment with corporate policies and local regulations.
• Perform security architecture reviews for hybrid environments, including cloud, on-premises, and third-party integrations
• Perform cybersecurity risk assessments and/or penetration tests for new systems, applications, and technology implementations.

Incident Management & Response

• Act as the designated point-of-contact and primary responder to receive alerts from the Security Operations Centre (SOC) team upon detection of potential incidents, ensuring effective coordination and execution of necessary response actions.
• Track remediation efforts for security gaps and audit findings.
• Conduct post-incident reviews and implement lessons learned to strengthen response processes.

Vulnerability Management

• Design and integrate security systems to reduce exposure to threats.
• Perform regular vulnerability scans across critical and high-value assets, including applications.
• Track remediation progress and provide timely status reports to management.
• Work with developers to remediate application-level vulnerabilities promptly.

Risk Management &  Security Reporting & Metrics

• Identify, prioritise, and manage cybersecurity risks by assessing their potential impact and coordinating the implementation of appropriate mitigation measures.
• Collect, log, and organise cybersecurity events, incidents, and vulnerability data in a centralised system.
• Analyse data to identify trends and provide actionable insights for management.

Continuous Improvement

• Evaluate the effectiveness of security standards and procedures regularly.
• Review post-incident actions and incorporate improvements into processes.
• Promote secure development practices and security awareness across teams.
• Encourage participation in security initiatives across divisions.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related discipline (Master’s degree preferred)  
• Preferred experience: Working with development teams to embed security in the software development lifecycle, conducting secure code reviews, and using automated scanning tools 
• Relevant professional certifications such as CISSP, CISM, CISA, CompTIA Security+, CEH,  
• Certified Ethical Hacker (CEH)
• Global Information Assurance Certification such as GIAC, GSEC ,GIAC or GCIH preferred. 
• Cloud Security Certifications such as AWS Certified Security – Speciality or Microsoft Certified: Azure Security Engineer Associate 
• Additional desirable skills: Knowledge of secure coding practices, application security frameworks (e.g., OWASP Top 10), and experience integrating security into the Software Development Lifecycle (SDLC). 
• Strong understanding of cybersecurity principles, concepts, threats, and best practices from both defensive and incident response perspectives. 

Hands-on experience in:  

• Cloud security (AWS, Azure, GCP) and hybrid environments 
• Security monitoring, analytics, and reporting using SIEM and EDR tools 
• Vulnerability assessments and management across infrastructure and applications 
• Network and infrastructure security, including firewalls and endpoint protection 
• Web and application security, including OWASP Top 10 and secure coding practices 

Advanced knowledge in:  

• Incident response and escalation, including coordination with technical and business stakeholders.
• Vulnerability management frameworks and use of MITRE ATT&CK for threat analysis 
• Able to develop and improve of security playbooks, post-incident reviews, and lessons learned 

• Strong communication skills and able to explain complex technical concepts in clear, simple terms to both technical and non-technical stakeholders. 
• Critical thinking and problem-solving, capable of analysing situations, anticipating risks, and making sound decisions under pressure. 
• Proactive mindset, takes initiative to identify risks, suggest improvements, and drive security awareness.  
• High adaptability and continuous learning , comfortable with change, and committed to staying current with evolving threats and technologies. 
• Attention to detail, meticulous in monitoring, analysis, and documentation to ensure accuracy and compliance. 
• Able to collaborate and work as a team and works effectively with colleagues across different departments to implement security measures.