Job Purpose

Design, develop, test, install, customize, operate and troubleshoot information security systems and solutions to ensure protection of the Confidentiality, integrity and availability of the company data & IT assets.

Key Accountabilities

• Evaluate risks and develop cybersecurity standards, procedures, and controls to manage risks in IT&OT fields.

• Enhance cybersecurity security posture through process optimization, policy, automation, and ongoing capability evolution.

• Implement required security controls.

• Continuously improve the security framework, methodology, standards, and system of internal controls.

• Assesses new security technologies to determine potential value for the enterprise.

• Test and evaluate Information Security systems.

• Performs risk assessments, Cybersecurity audits, vulnerability tests and reports to management with findings and undertakes measures to ensure conformance.

• Execute and manage Patch Management solutions in accordance with the methodology.

• Periodic Review of identity access management and ensure authorized persons have access as per policy.

• Implement a cybersecurity awareness program that meets all industry regulations, standards, and compliance requirements.

• Support workforce security activities including culture, awareness, and training.

• Design, Review, document, Implement and operate OT cybersecurity environment.

Qualifications & Experience

• Education

Bachelor of Science OR bachelor’s degree in Cybersecurity and digital forensics, Computer Science, Computer Information System (CIS), Computer Engineering, or equivalent

• Professional Qualifications

Cybersecurity Industry Accredited and related certificate e.g., OSCP, CISSP, CASP+, CEH, CRISC.

• Experience

At least 9-11 years of relevant experience in Information Security function.

• Languages

Thoroughly proficient in both verbal and written English

Competencies (Knowledge, Skills & Abilities)

• Knowledge and experience in Developing and implementing enterprise governance, risk, and compliance strategies and solutions.

• Knowledge of security applications such as IDS, Security Event Management, Patch Management, IAM & PAM Solutions.

• Knowledge of Cybersecurity frameworks and standards such as NIST CSF, ISO 27001, NCA…

• Knowledge and experience with OT networks, LAN topologies, Firewalls.

• Seek self-development programs/education.