The Cyber Security Analyst will be primarily responsible for the design, implementation, management, and operations of security controls and systems to protect the confidentiality, integrity, and availability of The company information assets and improving The company cyber-maturity. The role holder will also lead risk assessments, develop, improve, and implement security policies, procedures and standards aligned to best practices. He/She will develop the Infosec roadmap in consultation with the Head of ICT Infrastructure, design technical infosec controls and own the vulnerability management program.

Roles & Responsibilities:

• Support development, implementation and maintenance of information security policies, standards and processes to prevent, detect, analyse, and respond to information security incidents.
• Lead and contribute to the development, operations and maintenance of the information security incident management process, awareness trainings and campaigns, vulnerabilities management and penetration testing.
• Support risk-based implementation of security controls for the protection of information systems, networks, and applications.
• Support BAU IT security operations including Security Incident & Event Management SIEM processes, vulnerability assessments, and threat and incident management to mitigate risks.
• Proactively research and develop technical solutions/security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Collaborate with business applications, Infrastructure, digital & data innovation, and ICT service delivery ICT units to ensure systems, applications and networks are secure by design.
• Assist internal and external stakeholders including auditors, when required, with information security questionnaires, audits, reviews, investigations, etc.
• Lead security audits and data protection Initiatives, conduct vulnerability assessments and penetration testing, manage remediation efforts, and track the closure of deficiencies.
• Review logs and alerts generated from information security assets in ICT and collaborate in remediation.
• Create customized training programs for experienced IT professionals as well as the company staff that will help them demonstrate their ability to lawfully assess security of systems and discover vulnerabilities.
• Develop and present reports regularly and other responsibilities relevant to the role.

Minimum Requirements:

• Degree in computer science or related field
• Certified in all or part of the following – ISACA CISM, CISSP, CCSP, CEH, CISA, CCNP (Security)
• 3+ years of experience in a technical security related role such as Penetration Tester, SOC Analyst, Security Engineer or systems administrator