Role Purpose
The Cyber Security Function Lead is responsible for planning, implementing, and governing the organization's cybersecurity strategy. This role ensures the confidentiality, integrity, and availability of information systems by managing security operations, risk, compliance, incident response, and continuous improvement of security controls across infrastructure, applications, cloud, and endpoints.
Key Responsibilities
1. Cyber Security Strategy & Governance
- Define and implement the cybersecurity roadmap aligned with business objectives.
- Establish and maintain security policies, standards, and procedures.
- Ensure alignment with industry frameworks (ISO 27001, NIST, CIS Controls).
- Act as the primary point of contact for security governance and audits.
2. Security Operations Management
- Oversee Security Operations Center (SOC) activities, including monitoring and alert handling.
- Ensure effective use of SIEM, syslog, EDR/XDR, DLP, and monitoring tools.
- Review and analyze security logs, alerts, and incidents.
- Ensure timely escalation and resolution of security issues.
3. Incident Response & Threat Management
- Lead incident response activities, including containment, eradication, and recovery.
- Coordinate root cause analysis (RCA) and post‑incident reviews.
- Ensure maintenance of incident response plans and conduct periodic drills.
- Track and mitigate emerging cyber threats and vulnerabilities.
4. Risk, Compliance & Audit
- Identify, assess, and manage cybersecurity risks.
- Support internal and external audits, including VPN, network, and application audits.
- Ensure compliance with regulatory and contractual security requirements.
- Maintain audit evidence, reports, and corrective action plans.
5. Identity, Access & Data Security
- Govern Identity and Access Management (IAM) processes.
- Ensure least privilege access, MFA, and privileged access controls.
- Oversee data protection controls, including encryption and DLP.
- Review and approve administrative access based on business justification.
6. Infrastructure & Network Security
- Ensure secure design and implementation of network, cloud, and hybrid environments.
- Review firewall policies, VPN configurations, and network segmentation.
- Coordinate with Infrastructure and Networking teams to eliminate security gaps.
7. Team Leadership & Coordination
- Lead and mentor Cyber Security team members.
- Assign tasks with clear ownership, tracking, and reporting.
- Coordinate with IT Administration, Networking, and other stakeholders.
- Ensure timely reporting to management with daily/weekly status updates.
8. Documentation & Reporting
- Maintain detailed security reports, dashboards, and checklists.
- Ensure email and ticket‑based communication for all security actions.
- Provide regular management updates on security posture, risks, and improvements.
Key Accountabilities
- Zero untracked or undocumented security actions.
- No critical or high‑risk audit gaps.
- Timely closure of security incidents and vulnerabilities.
- Consistent security reporting and evidence availability.
- Continuous improvement of the organization's security posture.
Required Skills & Competencies
Technical Skills
- Network and infrastructure security
- SIEM, SOC operations, and incident response
- Cloud security (Azure/AWS)
- IAM, EDR/XDR, DLP
- Vulnerability management and security monitoring
Professional Skills
- Strong leadership and decision‑making
- Risk management and analytical thinking
- Excellent documentation and reporting
- Stakeholder and audit communication
Qualifications & Experience
- Bachelor's degree in IT, Cyber Security, or a related field
- 5–8+ years of experience in Cyber Security
- Relevant certifications (CISSP, CISM, CEH, Security+, Azure/AWS Security) preferred