OVERVIEW
The Cyber/Information Security Lead is responsible for developing, implementing, and managing the organization's information security strategy and operations.
The role ensures the confidentiality, integrity, and availability of data and IT systems by proactively identifying risks, enforcing security policies, and responding to incidents.
Key Responsibilities:
- Security Strategy & Governance
  - Develop and maintain information security policies, standards, and procedures.
  - Align security initiatives with business goals and regulatory requirements (e.g., ISO 27001, TISAX).
- Risk Management & Compliance
  - Conduct regular risk assessments, vulnerability scans, and penetration tests.
  - Ensure compliance with internal controls and external audits.
  - Manage third-party risk assessments and vendor security reviews.
- Security Operations
  - Configure and monitor firewalls, SIEM systems, endpoint protection, and intrusion detection/prevention systems (IDS/IPS).
  - Lead incident response efforts, including investigation, containment, and remediation.
  - Monitor security alerts and logs to detect and respond to threats in real time.
- Identity & Access Management (IAM)
  - Implement and manage IAM policies, including role-based access control (RBAC), multi-factor authentication (MFA), and privileged access management (PAM).
- Awareness & Training
  - Develop and deliver security awareness training programs for employees.
  - Promote a culture of security across the organization.
- This is a key position that implements the overall Information Security Strategy for the function and aligns with the direction of the Group IT Head.