- Security Architecture Development:
- Design and implement a comprehensive cybersecurity architecture framework that aligns with business objectives and mitigates risks.
- Create security guidelines and best practices to ensure the confidentiality, integrity, and availability of organizational data.
- Risk Assessment and Management:
- Conduct thorough risk assessments to identify vulnerabilities and potential threats to the organization's information systems.
- Develop strategies to manage and mitigate identified risks, ensuring compliance with industry standards and regulations.
- Security Solutions Implementation:
- Oversee the deployment of security solutions and technologies, ensuring they are effectively integrated into existing systems.
- Collaborate with IT teams to ensure the security architecture is effectively applied across projects and initiatives.
- Incident Response Planning:
- Develop and maintain incident response plans to address potential cybersecurity incidents and breaches.
- Lead investigations of security incidents, ensuring lessons learned are documented and used to improve security posture.
- Training and Awareness:
- Provide training and awareness programs for staff to ensure they understand security policies and best practices.
- Promote a culture of cybersecurity awareness within the organization.
Requirements
- 10+ years of experience in cybersecurity, with a focus on architecture and risk management.
- Proven experience in designing and implementing cybersecurity frameworks for complex environments.
- Strong knowledge of security standards and regulations such as ISO 27001, NIST, and GDPR.
- Experience with security technologies including firewalls, intrusion detection systems, and encryption technologies.
- Certification in relevant cybersecurity frameworks or architectures (e.g., CISSP, CISM, TOGAF).
- Excellent analytical and problem-solving skills.
- Effective communication skills to interact with technical and non-technical stakeholders.
Education: Bachelor's degree in Computer Science, Information Technology, or a related field.
Certifications: Preferred certifications include CISSP, CISM, or similar relevant cybersecurity certifications.