Mission Statement for the Role:

Provide practical cyber security framework to secure data and digital infrastructure through formulation of cyber security policies, equipping the company with practical ways to implement standards-based, cost-effective, repeatable, and scalable cyber security solutions.

Overall Responsibility:

E2E cyber security, information assurance, compliance design, integration, implementation, modification, and coordination of Network, systems and data security. Functions include include developing functional and technical requirements and specifications, documentation, monitoring, implementing cyber security procedures and tools and ensuring the rigorous application of information security/information assurance policies, principles and practices.

Financial:

Key KPI’s for the role:

• Achieving Security KPI Targets like: Preparedness Level, Tracking Intrusion attempts, Uncovering Unidentified Devices on Internal Network, Monitoring Intrusion Attempts, Meeting Security incidents management, Mean-time Metrics and KPIs. Maintaining Patching Cadence to ensure critical vulnerabilities are identified and addressed. Virus Monitoring. Create Phishing Attacks awareness and ensuring SSL Certificates are properly configured.

People:

• Currently no direct reports.

Key SMART Results for A-Player

• Define industry leading cyber security standards, policies. key performance indicators and measurement criteria- Q1 2024
• Audit current systems, networks, databases, security implementation and certificates against the defined standards and policies to identify weaknesses and come up with a mitigation plan- Q1 2024
• Implement cyber security monitoring plan to detect and resolve security incidents near real time- Q1 2024
• Develop security awareness documents for upskilling all Poa employees on cyber security especially phishing – Q1 2024
• Continuously review digital system for security breaches, carry out simulated attacks to identify vulnerabilities, and develops security protocols to thwart potential threats- Continuous
• Participate in the testing, implementation, and operation of secure operating systems, networks, databases to ensure security threats are identified and mitigated before they go into production- Continuous

Level of Management Experience Required (Mandatory & Nice to Have)

• This role has no people responsibility

Department stage of development where this role sits

• Prepare for scale through driving quality in operations

Requirements

Key Competencies Criticality (H, M, L)

• Proficiency in conducting regular vulnerability assessments of the systems to prevent any security incident- H
• Expertise in penetration testing, networking, system administration, and operating systems- H
• Awareness of the latest methods used by hackers and malicious elements to break into systems- H
• Capability to manage risk and ensure disaster recovery in case of a security event- H
• Ability to conduct an in-depth analysis of networks and identify any vulnerabilities or gaps in the system. Attention to detail is a fundamental personality trait of a network security engineer- H
• Knowledge of cyber laws and compliance requirements as per the law of the land- H
• Thorough knowledge of Coding languages such as Java, C++, Javascript, Python, SQL, PHP, Go lang HTML etc- H

Mandatory Criteria if Any with no exceptions to hire:

• BSC degree in Information Technology or related field with at least two years cyber security experience
• Two years experience in cyber security related duties such as incident detection, response and forensics certification on CCNP Security, Security+, CISA and CEH
• Must have operated in a business with similar Values and DNA to Poa to ensure cultural alignment
• Must have worked in a ISP/ Network management environment with fast scale up capabilities