Plan, evaluate, design, implement, operationalize, maintain, and upgrade security controls in alignment with business objectives, regulatory requirements, and frameworks such as NIST and CRI.
Lead and manage regional security projects and initiatives, including vendor coordination, stakeholder engagement, deliverable oversight, and milestone tracking to ensure successful execution.
Develop, maintain, and update detailed technical, operational, and configuration documentation necessary for effective project implementation and knowledge sharing.
Establish, enforce, and continuously refine security processes, standards, and best practices to ensure robust controls and high-quality service delivery.
Formulate and execute remediation plans addressing identified vulnerabilities, ensuring solutions meet defined security criteria and integrate seamlessly with existing systems.
Investigate security incidents and provide actionable recommendations to mitigate risks and enhance security protocols.
Collaborate with auditors and assessors to facilitate timely, comprehensive security audits and compliance assessments.
Communicate cybersecurity risks, mitigation plans, and program updates clearly and effectively to stakeholders, fostering alignment with organizational security goals.
Perform additional duties as assigned to support and advance the security governance function.
Job Requirements
Bachelor's degree in Cybersecurity, Information Technology, or a related field.
Minimum of 10 years professional experience, including at least 7 years in IT cybersecurity or related roles.
Proficient in security tools such as FireMon, Illumio, Pentera, CyberArk, or comparable security monitoring and management solutions.
Proven expertise across multiple Cybersecurity and Information Security domains, such as Identity and Access Management, Cryptographic Key Management, Zero Trust Architecture, Security Hardening, Data Loss Prevention, and Cloud Security Management.
Strong knowledge of various operating systems and web technologies. The possession of pertinent professional certifications, such as CISSP, CISM, or CRISC, are highly desirable.
Comprehensive understanding of security principles, techniques, technologies, and enterprise security architecture frameworks.
Extensive experience in cybersecurity, data protection, regulatory compliance, and adherence to industry standards.
Excellent analytical and problem-solving skills with the ability to manage multiple priorities effectively in a fast-paced environment.
Strong communication skills, including technical writing and documentation proficiency.
Detail-oriented, collaborative team player with a flexible, proactive, and positive attitude.
Demonstrates a high level of responsibility, initiative, and dedication to continuous improvement.
