Security Lead

Key Responsibilities :

1. Security Strategy & Governance :

• Develop, implement, and maintain security policies, procedures, and controls.
• Support the CISO in building a comprehensive security program aligned with business goals.
• Ensure compliance with standards such as ISO 27001, NIST, GDPR, and relevant local regulations.

2. Threat & Vulnerability Management :

Identify, assess, and mitigate security risks across networks, systems, applications, and cloud environments.

Lead vulnerability assessments, penetration testing, and security audits.

Monitor threat intelligence feeds and respond to emerging threats.

3. Incident Response & Investigation :

Lead incident response efforts, including containment, root cause analysis, and remediation.

Develop and maintain an incident response plan and conduct regular tabletop exercises.

Document incidents and report findings to management and regulatory bodies when needed.

4. Team Leadership & Collaboration :

Supervise security analysts / engineers and coordinate with cross-functional IT and business teams.

Mentor junior team members and promote a culture of security awareness.

Work with infrastructure, application, and network teams to integrate security best practices.

5. Tools & Technology Management :

Manage and optimize security tools such as SIEM, DLP, EDR, firewalls, and IAM solutions.

Evaluate and onboard new security technologies and services as required.

6. Training & Awareness :

Drive company-wide security awareness and training initiatives.

Educate staff on phishing, social engineering, password hygiene, and data protection.

Key Requirements :

Education :

Bachelor's degree in Computer Science, Information Security, or a related field.

Master's degree or MBA in Information Security or IT Management is a plus.

Certifications (preferred) :

CISSP, CISM, CEH, OSCP, ISO 27001 LA, or similar.

Experience :

6–10 years of experience in information security, with at least 2–3 years in a lead or managerial role.

Skills :

Deep understanding of cybersecurity frameworks and principles

Experience with security monitoring, forensics, and incident response

Knowledge of secure software development (DevSecOps), cloud security (AWS, Azure), and network security

Strong communication, leadership, and stakeholder management skills

Ability to handle pressure in fast-paced environments

Skills Required

Devops, Aws, Azure, Cissp, Cism, Ceh, Oscp