Cyber Security Technical Manager

Key purpose:

As a member of the Global IT Team, you will help develop and maintain the cyber security program and serve as the de facto technical security expert. This role is responsible to provide support and oversight to internal and external teams to ensure incidents and threats are properly handled.

A well-qualified candidate will feel comfortable jumping into a given scenario, asking the right questions, escalating where necessary, and collaborating with all available resources to find the best solution for the situation.

Duties and responsibilities:

• Support the design, implementation, and maintaining of cyber and information security tools, tactics, and procedures.
• Support the creation of incident response plans and coordinate the investigation and remediation of threats and security-related incidents by assisting team members with issue resolution or mitigation.
• Design and architect security systems as needed.
• Continuously assess and improve the organizations cyber security controls.
• Advise project teams on security requirements for new projects or technology.
• Development of mitigation or remediation plans for CVEs, IOC, etc.
• Support and manage service providers in aligning to the cyber security roadmap and delivering projects and objectives within the agreed timelines.

Knowledge, Skills, and Attributes

• Ability to work independently as well as in a distributed team environment with a strong sense of ownership of delivering solutions.
• Comfortable in taking and engaging with senior leadership, however, still able to get involved in the detail and configuration of systems.
• Ability to influence different stakeholders in delivering site specific or global solutions.
• Attention to detail, organized and able to work and research independently.
• Ability to frame and communicate security and risk-related concepts to technical and non-technical audiences at various levels.
• Excellent communication and collaboration skills to ensure delivery in a matrix organization.
• Strong IT background with expert level knowledge in one or more security practice areas (endpoint protection, vulnerability management, network security management, cloud security, incident response, data security & privacy)
• Broad knowledge and experience across IT infrastructure with security frameworks and standards such as MITRE ATT&CK, CIS, NIST-CSF and other relevant security-related regulations.
• Able to effectively analyze risk within the context of business problems.
• Solid understanding as to how to mitigate risks with common security controls.
• Passion for Cybersecurity, continually learning about new attacks, new threat vectors, and defenses.
• Ability to travel to various sites and meet with service providers.
• Familiar with Microsoft 365 Compliance manager and Azure Cloud security modelling

Qualifications and experience:

• Bachelor's degree in computer science or related discipline
• Minimum of five years of cybersecurity experience.
• Experience in reviewing and evaluating new software or technology components.
• Experience with hands-on configuration and operation of security tools.
• Experience in participation or leading the successful implementation of security systems and operationalizing them (documenting requirements, working with vendors, setting up & configuring, creating knowledge articles, performing handover to relevant operations team).
• Professional experience delivering cyber security in an operational role, including
• Cyber Security architecture design and implementation, including Cloud.
• Security Operations Centers (SOC)
• Identity & Access Management (IAM)
• Data Loss Prevention and Data Protection
• Security assessments related to threat, vulnerability, and penetration testing.
• Endpoint detection response
• Vulnerability management tools and process
• Security information and event management (SIEM)
• Intrusion prevention system (IPS)
• Network & user anomaly detection
• Performing system hardening
• Threat hunting