Description:

Location: Onsite

Department: Cybersecurity & Risk Management

Reports To: Head of Cybersecurity / CISO

Role Overview

We are looking for an experienced and hands-on Security Manager who will lead, maintain, and enhance our cybersecurity posture across infrastructure, applications, cloud environments, and compliance frameworks. This role blends strategic leadership with deep technical executionideal for a candidate who can design, implement, operate, and optimize security controls end-to-end, while ensuring alignment with business and regulatory requirements.

The ideal candidate will have practical expertise in cyber defense operations, SIEM/SOAR, identity & access governance, incident handling, vulnerability assessment, cloud security, policy governance, and compliance frameworks such as ISO 27001, SOC 2, GDPR, HIPAA, or FedRAMP (as applicable).

Key Responsibilities

- Lead day-to-day Security Operations includes monitoring and response activities.

- Manage and optimize SIEM, XDR, DLP, CASB, PAM, IAM, and other tooling.

- Perform threat hunting, malware analysis, and behavioral analytics using security platforms and frameworks.

- Oversee phishing simulations, red-team/blue-team drills, and cyber readiness exercises.

- Maintain and enforce security policies, standards, and procedures.

- Lead audits and certification initiatives: ISO 27001, SOC 2, GDPR, (or other relevant frameworks).

- Conduct and manage risk assessments, third-party security reviews, DPIAs, asset inventories, and access reviews.

- Create and track remediation plans, KRIs, KPIs, compliance dashboards, and security metrics for leadership.

- Enforce strong Conditional Access, MFA, Zero-Trust, and least-privilege models.

- Manage MDM/UEM platforms for endpoint controls: encryption, patching, configuration compliance, and secure baselines.

- Architect, manage, and optimize network security controls across on-premise and cloud networks.

- Implement and manage Zero Trust Network Architecture, micro-segmentation, and least-privilege network access.

- Maintain firewall rule reviews, network risk scanning, topology hardening, and traffic flow audits.

- Build and monitor secure hybrid connectivity models: MPLS, SD-WAN, SASE, LAN/WAN, Wi-Fi security.

- Perform vulnerability scanning and penetration testing coordination with internal teams or external vendors.

- Track remediation SLAs, validate fixes, and ensure continuous hardening across OS, network, cloud, and SaaS environments.

- Maintain and operationalize Incident Response Plan (IRP), Cyber Crisis Management Playbooks, and Forensic Readiness.

- Support Business Continuity Planning (BCP) and Disaster Recovery (DR) initiatives.

- Lead company-wide security awareness initiatives and role-based trainings.

- Educate engineering, cloud, DevOps, product, and business teams on secure-by design practices.

Required Skills & Experience

Technical Expertise (Hands-On Required):

- 7 - 12 years of progressive cybersecurity experience, with at least 3+ years in a leadership or lead engineer role.

Certifications (Preferred but not mandatory if equivalent experience exists)

- CISSP / CISM / CCSP

- ISO 27001 LA/LI

Soft Skills & Leadership Traits

- Strong communication with ability to translate complex risks to business language.

- Ability to mentor and develop junior analysts and engineers.

- Proactive mindset with strong ownership, accountability, and urgency.