Key Responsibilities
Operational Security Management
- Operate, maintain, and continuously improve cybersecurity tools such as SIEM, IDS/IPS, EDR, PAM, vulnerability scanners, and log management platforms.
- Perform system and platform hardening, patch management, and network segmentation in line with security best practices.
Threat & Vulnerability Management
- Coordinate vulnerability assessment and penetration testing (VAPT) activities with internal teams and external service providers.
- Manage security findings from penetration testing, red teaming exercises, and bug bounty programmes, working with stakeholders to prioritise and remediate risks.
- Recommend appropriate mitigations and implementation actions to address identified vulnerabilities.
- Track remediation activities, security deviations, and risk acceptances through to closure.
Security Engineering & Architecture
- Partner with the CISO office to conduct security architecture reviews, evaluating the design and effectiveness of security controls across systems and networks.
- Collaborate with SOC, IT, OT, DevOps, and Physical Security teams to ensure cybersecurity operations align with enterprise architecture and operational requirements.
- Support the integration of advanced monitoring, detection, and security automation capabilities in line with organisational standards.
Incident Monitoring & Response
- Monitor security events and alerts, detecting, containing, and remediating security incidents in a timely manner.
- Handle incident escalations from the SOC, performing deep-dive technical analysis and coordinating with engineering teams to resolve complex security issues.
- Monitor and respond to indicators of compromise (IOCs) and emerging threat intelligence to reduce exposure to known threat vectors.
Compliance & Risk Management
- Implement and validate technical controls to support regulatory requirements and internal security policies.
- Conduct ongoing risk assessments and contribute to continuous improvements in security posture.
- Provide technical input and evidence to support internal and external audits.
Skills and Experience
- Bachelor's degree in Computer Science, Information Security, or a related discipline, or equivalent practical experience.
- Proven experience in cybersecurity operations or security engineering roles.
- Hands-on experience with security technologies such as SIEM, EDR, IDS/IPS, PAM, and vulnerability management tools.
- Strong understanding of application security, network security, system hardening, and incident response practices.
- Familiarity with both IT and OT security environments is an advantage.
- Professional certifications such as OSCP, CREST, CISSP, CISM, or equivalent are beneficial but not mandatory.
- Ability to manage multiple priorities effectively in a dynamic operational environment.
- Strong analytical, problem-solving, and communication skills.