Senior Cybersecurity Specialist

Operational Leadership & Ownership

• Own and manage the complete cybersecurity operations lifecycle
• Serve as the primary point of contact for all security-related matters within IT and business units
• Coordinate security activities across IT teams (Infrastructure, Network, Applications, Service Desk)
• Provide functional leadership for the Cybersecurity Specialist: task assignment, mentoring, performance input
• Ensure no security operational gaps exist — take ownership of any unassigned security tasks

Strategy, Policy & Governance Support

• Develop and propose cybersecurity strategy, roadmaps, and initiatives for Group Head of IT approval
• Draft, update, and maintain security policies, standards, and procedures
• Implement and enforce approved security policies across the organization
• Prepare security budget proposals, tool evaluations, and vendor recommendations
• Develop security metrics, dashboards, and executive reports for Group Head of IT

Security Operations & Monitoring (DSS05)

• Manage and optimize SIEM, EDR/XDR, and other security monitoring tools
• Perform/oversee daily security monitoring, alert triage, and threat hunting
• Define security requirements for firewall/IDS/IPS rules; review and approve rule changes; coordinate with Network/Infrastructure teams; validate compliance
• Administer identity and access management (IAM) systems, including PAM and MFA solutions
• Manage endpoint security, patching coordination (security-related), and security tool deployments

Incident Response & Crisis Management

• Own the Incident Response Plan (IRP); ensure readiness through regular testing and updates
• Lead all security incident investigations, including forensic analysis
• Execute containment, eradication, and recovery actions during incidents
• Escalate major incidents (P1/P2) to Group Head of IT with clear recommendations
• Document incident timelines, root cause analysis, and lessons learned
• Develop and maintain incident response playbooks and runbooks
• Serve as primary on-call for security incidents; manage escalation window

Risk Management & Compliance (APO12, MEA03)

• Perform technical risk assessments; develop risk treatment plans and recommendations
• Conduct vendor security assessments and third-party risk evaluations
• Support internal/external audits: evidence collection, technical responses, finding remediation
• Ensure compliance with regulatory requirements (ISO 27001, GDPR, PCI-DSS, etc.)
• Track audit findings and remediation plans; report status to Group Head of IT

Technical Implementation & Projects

• Design and oversee implementation of security solutions for infrastructure, cloud, and applications
• Lead security projects (e.g., SIEM implementation, Zero Trust, cloud security)
• Conduct security reviews for new systems, applications, and integrations
• Evaluate and recommend security tools and technologies

Security Awareness & Culture

• Develop and deliver security awareness training programs
• Conduct phishing simulations and track effectiveness
• Create and maintain security documentation, knowledge base, and SOPs
• Promote security-first culture across the organization

Required Qualifications

• Bachelor's degree in Computer Science, Information Security, or related field (preferred)
• 3-5+ years of hands-on experience in cybersecurity or IT security operations
• Professional certifications in cybersecurity, or equivalent hands-on certification (preferred); relevant experience may substitute
• Strong expertise in SIEM (Sentinel, Splunk, QRadar, or similar), EDR, vulnerability management tools
• Experience with cloud security (Azure Security Center, Defender for Cloud, AWS Security Hub)
• Knowledge of security frameworks: ISO 27001, NIST CSF, CIS Controls
• Experience working independently with minimal supervision

Required Competencies

• Ownership mindset and proactive problem-solving
• Deep technical expertise with continuous learning mindset
• Strong analytical and decision-making skills
• Ability to work independently and manage priorities
• Excellent communication with technical and non-technical stakeholders
• Ability to work under pressure during incidents
• Documentation discipline and attention to detail
• Mentoring and knowledge sharing skills