The Role: The Information Security Lead plays a critical role in the first line of defence, embedding security into daily operations and ensuring the proactive management of cyber risks.
This position will be focused on implementing and maintaining effective security practices, monitoring for threats, and responding to incidents while ensuring compliance with organisational policies and regulatory standards.
Key Accountabilities: Identify and manage cybersecurity risks within day-to-day operations.Ensure security measures are integrated into business processes and technology systems.Security Implementation and Monitoring:Implement and maintain security controls, including firewalls, intrusion detection systems, managed SOC, server, cloud, and endpoint protection tools.Monitor systems and networks for potential threats and vulnerabilities and take overall responsibility for remediation activities.Oversee the selection and implementation of additional security tools and processes.Support the creation of accurate and meaningful information security KPIs and reporting.Team Leadership and Development:Build, manage, and mentor a high-performing cybersecurity team, fostering a culture of accountability and continuous improvement while ensuring team members are equipped with the skills and knowledge to address operational security challenges effectively.Deliver training and guidance to ensure teams understand and adhere to security protocols.Act as the first responder to cybersecurity incidents.Investigate and document incidents, collaborating with other teams to prevent recurrence.Policy and Compliance Execution:Ensure all operations comply with organizational security policies and external regulations, especially NIS2 and GDPR.Conduct regular reviews and updates of security controls in line with best practices.Evaluate the effectiveness of existing security controls and recommend enhancements.Stay updated on emerging cyber threats and adapt security measures accordingly.Required Qualifications/Expertise: Education: Bachelor's degree in Computer Science, Cybersecurity, or related field.
(Equivalent experience considered)Experience:3+ years of experience in cybersecurity or IT operations.1+ years of experience in team management (or strong desire to become a team lead).Certifications (Preferred):CompTIA Security+, Certified Ethical Hacker (CEH), CISM or equivalent.Technical Skills Required: - Strong knowledge of security technologies such as firewalls (primarily FortiGate), intrusion detection/prevention systems, endpoint protection, spanning both traditional and cloud environments (AWS, Office 365), managed SOC (CrowdStrike).
- Familiarity with operational security frameworks like NIST CSF or ISO/IEC 27001.
- Familiarity with legislations pertinent to the Telecommunications industry, especially NIS2 and GDPR.
#J-18808-Ljbffr