Cyber Security Manager

Job Description:

Position Mission:

As a Manager in Security Technology & Operations, your primary mission is to lead the implementation of technology-driven security initiatives and manage the operational aspects of the security infrastructure. You will possess expertise in implementing security technologies, managing cybersecurity operations, and ensuring the alignment of security measures with the company's objectives. Your role will involve close collaboration with IT departments, internal stakeholders, and external vendors to enhance the organization's security posture and operational resilience while ensuring regulatory compliance

Key Responsibilities:

• Technology Implementation & Operations: Implement and manage security technologies, including intrusion detection systems, firewalls, antivirus software, and security information and event management (SIEM) solutions. Ensure these technologies are optimally configured, updated, and maintained.

• Operational Security Management: Manage day-to-day security operations, ensuring robust monitoring, detection, and response processes are in place. Support the security operations center (SOC) and ensure incident response plans are effectively executed.

• Team Support & Development: Support a team of security professionals. Encourage a culture of continuous learning and professional development, ensuring team members are skilled in security technologies and practices.

• Audit, Compliance, and Risk Management Support: Conduct regular security assessments and audits to identify vulnerabilities. Support the risk assessment process and ensure compliance with relevant security standards and regulations. Assist in the development and implementation of policies and procedures to mitigate identified risks.

• Stakeholder Engagement and Communication: Act as a liaison between the security team and other business units. Communicate effectively with stakeholders at all levels to align security initiatives with business goals.

Technical Skills Required:

• Security Technologies Expertise: Knowledge of security technologies and solutions, including Next-Generation Firewalls (NGFWs), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM) systems, Endpoint Detection and Response (EDR) solutions, and Advanced Threat Protection (ATP) tools. Familiarity with encryption technologies, identity and access management (IAM) solutions, and network segmentation strategies.

• Cybersecurity Operations Management: Experience in managing a Security Operations Center (SOC), including incident detection, response, and recovery. Knowledge of developing and implementing operational procedures for threat monitoring, analysis, and rapid incident response.

• Cloud Security: Understanding of cloud computing models (IaaS, PaaS, SaaS) and cloud security frameworks. Experience in securing cloud environments, including AWS, Azure, and Google Cloud, through the implementation of cloud security best practices and tools.

• Security Architecture Understanding: Ability to understand and enhance security architectures for complex IT environments. This includes understanding the principles of secure network design, application security, and data security.

• Regulatory Compliance and Standards: Knowledge of regulatory compliance requirements and security standards, such as GDPR, HIPAA, PCI-DSS, ISO/IEC 27001, and NIST frameworks. Ability to assist the organization in achieving and maintaining compliance with these standards.

• Risk Management: Skills in identifying, assessing, and prioritizing cybersecurity risks. Experience in developing and managing risk mitigation strategies, conducting risk assessments, and implementing risk management frameworks.

• Project Management: Project management skills, with experience in leading cross-functional teams in the deployment of security technologies and the execution of security projects.

• Automation and Orchestration: Knowledge of security automation, orchestration, and response (SOAR) tools and practices. Ability to implement automation to streamline security operations and response processes.

• Cryptography and Data Protection: Understanding of cryptographic principles and data protection technologies.

• Communication Networks: Understanding of communication network structures, protocols, and security challenges.

People Management Skills:

• Team Support: Ability to support security teams that meet performance expectations. Includes building team structures that facilitate collaboration and efficiency, as well as fostering a culture of continuous improvement and innovation.

• Motivation, Coaching, and Skill Development: Skilled in identifying individual team members' strengths and areas for growth, offering personalized coaching and mentorship.

• Conflict Management and Positive Workplace Culture: Ability in handling interpersonal conflicts effectively, mediating disputes and promoting a culture of understanding and respect.

• Goal Setting and Performance Monitoring: Expertise in setting clear, measurable objectives for the team and individual members, aligned with organizational priorities.

• Talent Management and Professional Development: Strategic approach to talent management, including identifying potential leaders within the team and supporting their growth through targeted training and leadership opportunities.

• Effective Communication: Exceptional communication skills, able to convey complex security concepts and strategies in a clear, concise manner to a variety of audiences.

• Adaptability and Resilience: Ability to adapt leadership style and strategies to changing security landscapes and organizational needs.

Relationship with Partners:

• Establishing and Maintaining Strong Professional Relationships: Ability to forge and sustain robust professional relationships with a wide range of partners.

• Negotiation and Contract Management: Skilled in negotiating terms and managing contracts with security service providers to ensure that agreements meet the organization's security requirements and budget constraints.

• Collaboration on Shared Security Initiatives: Experience in initiating and managing collaborative security projects between companies, including joint ventures, shared threat intelligence, and collective defense strategies.

• Security Governance with Partners: Developing and implementing governance frameworks to oversee the security aspects of partnerships.

• Continuous Improvement and Alignment: Continuously assessing and improving the effectiveness of partnerships in contributing to the organization's security objectives.

• Compliance and Risk Management: Ensuring that all partnerships comply with relevant laws, regulations, and industry standards related to security.

Qualifications:

• Degree in computer science, information security, or a related field.

• Experience in a similar role, ideally in a similar environment.

• Desired professional security certifications (ISO27XXX, CISSP, CISM, CRISC, etc.).

• Proficiency in English, both written and spoken.

• Intercultural sensitivity, flexibility.

• Organized with a proven ability to manage workload, meet deadlines, and use time efficiently.

• Good interpersonal and communication skills, effective teamwork.

• Ability to function in a matrix structure.

• Strong analytical skills.

Key Changes Made:

• Reduced Scope: Responsibilities are more focused on implementation and support rather than strategic vision and development.

• Experience Level: "Significant experience" was changed to "Experience" to reflect a less senior role.

• Leadership Expectations: The "Leadership" aspects were toned down to focus on "Support" and "Encouragement."

• Technical Skills: While still requiring strong technical skills, the depth of expertise required is slightly reduced.

• Removed Redundancy: Some redundant phrases were removed for clarity.