Implement security operations strategy
• Contribute to the definition of the overall security strategy
• Align security operations functions with the organisation’s overall business objectives
• Advise senior leaders on critical issues that may affect corporate security objectives
• Advise the design and implementation of security policy and controls
• Provide expertise on security technologies and innovative security concepts
• Provide technical and operational oversight for security tool deployment and implementation
Operate/Monitor security systems
• Develop plans for operating/monitoring security systems (e.g. endpoint security tools, firewalls, etc)
• Guide the identification and measurement of critical security operations metrics
• Develop detection and alerting rules
• Review/approve firewall rules
• Review/approve changes on AV systems
• Monitor levels of service of the security operations
• Present periodic status reports to management
Security planning, review & compliance
• Coordinate ongoing reviews of existing security programs/protocols and planned upgrades
• Monitor compliance to security policies, regulations, rules and norms
• Participate in reviews/gap analysis of posture and compliance and follow-up with proposed treatment plan
• Authorised/Unauthorised software installation reviews
• Drive continuous improvement of security operations
Respond to security incidents
• Set internal guidelines for effective processing and escalation of incidents
• Review reports on incidents and breaches
• Develop contingency and disaster recovery plans for specific security incidents
• Coordinate prioritisation of alarms and resources for incident responses
• Oversee the development of emergency protocols
• Recommend systems and procedures for the prevention, detection, containment and correction of security breaches
• At least 15 years' of experience in IT Security
• Strong knowledge and experience in End User Computing, Server, Network and Security spaces
• Strong experience in supporting Windows, Linux, Vulnerability scanning tools, Firewalls and WAF
• Preferable experience in cloud-native security platforms and offerings from AWS or Azure
• Knowledge of patch management for OS and security products (Firewalls, Windows, Linux)
• Strong knowledge of endpoint security tools
• Preferred Knowledge of vulnerability assessment tools and techniques
• Preferred knowledge in conducting risk assessments
• Preferred Security/ITIL/Vendor certifications including but not limited to: (Fortinet NSE4, CISSP, CCSP, CEH, ITIL, CCNA-Security)
