Job Description

Ensure alignment with organizational objectives and regulatory requirements.

Identify, evaluate, and mitigate cybersecurity risks and vulnerabilities. Conduct regular security risk assessments and audits.

Ensure compliance with relevant regulations (FRA) and frameworks, including ITIL, NIST RMF, and NIST CSF. Monitor changes in regulatory requirements and update policies accordingly. Prepare and manage compliance documentation and reports.

Develop and maintain an incident response plan. Lead efforts to detect, respond to, and recover from cybersecurity incidents. Conduct post-incident analysis and develop mitigation strategies.

Conduct security awareness training for employees.

Oversee the implementation and management of security controls (e.g., NGFW, WAF, SIEM, EPP, EDR). Ensure secure configuration of IT assets in compliance with CIS benchmarks.

Manage relationships with security vendors and service providers. Ensure third-party services meet the organization’s security standards.

Job Requirements

Key Skills and Knowledge Areas:

• Strong understanding of cybersecurity governance frameworks (NIST, ITIL) and regulatory compliance (FRA).
• Proficiency in risk assessment and management.
• Experience with incident response and recovery.
• Knowledge of security technologies (e.g., firewalls, SIEM, endpoint protection, encryption).
• Familiarity with secure configuration benchmarks (e.g., CIS).s.

Abilities:

• Analytical thinking and problem-solving skills.
• Ability to work independently and take initiative.
• Strong organizational and project management skills.
• Ability to handle sensitive information with confidentiality.
• Effective collaboration and teamwork skills.

Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or related field.

للتقديم الان