Description :

Role Overview :

This is a hybrid role combining hands-on cybersecurity engineering with leadership responsibilities.

The ideal candidate will design, implement, and maintain robust security systems while driving the organizations information security strategy, compliance, and risk management.

Key Responsibilities :

Technical (Cybersecurity Engineer) :

- Design, implement, and manage security tools (firewalls, IDS/IPS, SIEM, endpoint protection).

- Perform vulnerability assessments, penetration testing, and threat modeling.

- Monitor and respond to security incidents, ensuring timely resolution.

- Secure cloud environments (AWS/Azure/GCP) and on-prem infrastructure.

- Implement identity and access management (IAM) and zero-trust principles.

Strategic (CISO Responsibilities) :

- Develop and enforce information security policies and procedures.

- Lead risk assessments and compliance initiatives (ISO 27001, GDPR, etc.

- Oversee incident response and disaster recovery planning.

- Advise leadership on emerging threats and security investments.

- Conduct security awareness training for employees.

Required Skills & Competencies :

Foundational Security Skills :

- Strong understanding of linux fundamental.

- Strong understanding of network fundamentals (TCP/IP, DNS, VPN, VLANs).

- Knowledge of firewall configuration, IDS/IPS, and secure network architecture.

- Proficiency in endpoint security (antivirus, EDR solutions).

- Familiarity with secure coding practices and basic application security principles.

- Ability to implement multi-factor authentication (MFA) and password policies.

Intermediate Security Skills :

- Experience with SIEM tools (WAZUH,Splunk, QRadar, ELK) for log analysis and threat detection.

- Conduct vulnerability assessments and penetration testing using tools like Nessus, OpenVAS, Burp Suite.

- Implement patch management and system hardening across servers and endpoints.

- Knowledge of cloud security best practices (AWS, Azure, GCP) including IAM, encryption, and compliance.

- Ability to manage data encryption (at rest and in transit) and PKI infrastructure.

Advanced Security & Leadership Skills :

- Develop and enforce information security policies, standards, and procedures.

- Lead risk assessments, business impact analysis, and incident response planning.

- Familiarity with compliance frameworks (ISO 27001, NIST, GDPR, SOC 2).

- Manage security audits and liaise with external auditors/regulators.

- Oversee disaster recovery and business continuity planning.

- Ability to evaluate and implement emerging security technologies (Zero Trust, XDR, SASE).

- Strong vendor management and budget planning for security investments.

Soft Skills :

- Excellent communication skills to interact with executives and technical teams