
Roles & Responsibilities
We are seeking an experienced Security Operations and Engineering Security Architect to design, implement, and manage the security frameworks that protect our organization's systems, networks, and data. The ideal candidate will have 12-15 years of expertise in cybersecurity, risk management, and architectural frameworks, combined with strong leadership skills and a strategic mindset.
Key Responsibilities:
Security Operations -
1) Build a security assurance and governance programme for the entire security control landscape
2) Ensure complete integration and coverage of all assets with SIEM as part of CDOC monitoring
3) Periodic review of existing use cases for the organisation, provide feedback and enhancements on monitoring
4) Ad hoc use cases/reports as part of security monitoring
5) Conduct network security architecture review to enhance security posture
6) Ensure implementation and effective monitoring of Database Activity Monitoring
7) Periodic review of CDOC alerts with feedback
8) Conduct RCSA for security operations and engineering
9) SME for managing security incidents and reporting to regulators
10) Ensure action on regulatory and emerging cyber threat intelligence with detective and preventive measures
11) Take actions on internal threat intelligence with respective business/IT teams
12) Participate in Change board review for assurance and approval as needed
13) Build SOPs and guidelines for internal process strengthening
14) Align on submission of Cyber KRIs pertaining to Security Operations
Security Engineering and Strategy -
1) Ensure control compliance of all security tools like WAF, IPS, Endpoint security, server security, network security
2) Periodic policy review exercises - firewall rules, WAF, IPS, FIM, DAM - with mitigations as applicable
3) Align with SMEs on effective control implementation as part of corrective measures
4) Align on cloud security best practices and standards for preventative and detective measures
5) Implement controls as part of standards and framework - PCI-DSS, ISO 27001, SOC2, NIST
6) Review and approve specific exceptions on security controls and policy deviation
7) Take lead in new initiatives on security project implementation in alignment with SMEs
8) Active participation in PI planning on enhancements and new projects.
Required Qualifications:
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
- Over 12 years of experience in information security, with at least 5 years in a security architecture role.
- Strong knowledge of security frameworks and standards (e.g., NIST, TOGAF, SABSA).
- Proficiency in cloud security (AWS, Azure, GCP) and hybrid environments.
- Hands-on experience with network and endpoint security technologies such as firewalls, endpoint protection, IAM, and SIEM tools.
- In-depth understanding of cryptographic principles, network security, and secure application design.
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Cloud Security Professional (CCSP)