Job Title: Cybersecurity Professional
This is an exciting opportunity to take ownership of security strategy, architecture, policies, and processes to protect critical platforms, systems, and data from cyber threats and unauthorized access.
Key Responsibilities:
* Lead the development and deployment of IT security projects to strengthen the company's security posture.
* Collaborate closely with managed security partners and oversee their services.
* Develop and maintain IT security policies, standards, and guidelines aligned with industry best practices.
* Implement secure design principles, threat modeling, and security control frameworks (NIS2, ISO 27000, ENISA ISF, COBIT).
* Balance security requirements with business needs, usability, and flexibility.
* Enable the secure adoption of new technologies across the business.
* Provide expert guidance on security matters and resolve security-related issues.
* Regularly assess applications and infrastructure for security effectiveness and policy compliance.
* Monitor emerging threats and assess potential risks.
* Influence internal teams to align with target security architecture and best practices.
* Manage security-related incidents and ensure compliance with GDPR and security regulations.
* Promote security awareness among staff through training and development initiatives.
Key Performance Indicators:
* Reduction or mitigation of security breaches.
* Consistent adoption of security frameworks across the organization.
* Cost-effective and balanced security solutions.
* Secure integration of new technologies.
* Effective embedding of security into operational areas.
Requirements:
* Strong knowledge of IT security practices, standards, and technologies (encryption, authentication, EDR, XDR, etc.).
* Experience implementing multi-factor authentication and secure application design principles (DevSecOps).
* Ability to assess security threats, risks, and mitigation strategies.
* Experience conducting and managing third-party penetration tests.
* Awareness of legal and regulatory security requirements (Data Protection Acts, PCI DSS, NIS2).
* Strong understanding of IT architecture and network security.
* Certifications such as CISSP, CISM, CCNA, CCNP, or CCIE are highly desirable.
* An MSc in cybersecurity, computer science, or a related field is an advantage.
* Experience in the telecommunications sector and knowledge of regulatory frameworks is a plus.