Job Summary:

The Cybersecurity Manager will be responsible for developing and implementing a comprehensive cyber security program for the organization based on leading practices such as CIS, ISO27, NIST, and others, with a deep understanding and analysis of emerging cyber security aspects including, but not limited to, threat intelligence, anti-advanced persistent threats, DLP, SIEM, GRC, security analytics, identity and access management, incident response, security awareness, and others.

Responsibilities:

Develop IT security policy and operational procedures and best practices to safeguard against cyberattacks. 

Develop security risk management plan. 

Establish review procedures based on organization’s security risk management plan. 

Assess the effectiveness of the measures against security risk management plan.

Establish a standard methodology for performing security tests in accordance with security requirements. 

Conduct regular risk assessments to identify vulnerabilities in the organization's infrastructure and systems. 

Develop incident response plan. 

Evaluate effectiveness of current incident response plan against industry good practices. 

Test incident response plans periodically to ensure response times and executed procedures are acceptable. 

Identify threats and risks that are relevant to ODE’s operations and systems. 

Develop a documented action plan containing policies, practices and procedures that mitigate the identified risks.

Manage and oversee the day-to-day operations of the cyber security team and provide guidance, support, and mentorship as needed. 

Perform comparative analysis of security service performance level parameters against security information sources.

Prepare information security performance report based on results from analysis and correlation of information security events. 

Recommend suitable enhancements to improve information security performance. 

Review business and security environment to identify existing requirements.

Knowledge, Skills & Experience:

Bachelor’s degree in computer science, Information Security, or a related field.

10 years of experience in cybersecurity or information security, including 3 years of experience in managerial or leadership experience.

Strong knowledge of information security principles, cybersecurity frameworks, and risk management practices.

Solid understanding of incident response, vulnerability management, and security testing methodologies.

Proven ability to develop and implement security policies, procedures, and risk mitigation plans.

Strong analytical, problem-solving, and risk assessment skills.

Effective leadership and stakeholder management skills.

Relevant certifications such as CISSP, CISM, CRISC, or ISO 27001 are an advantage.

للتقديم الان