Job Description

Main Purpose of Job4C Group is a dynamic and forward-thinking organization committed to safeguarding our digital assets and ensuring the security of our product and information systems. We are seeking a seasoned Cyber Security Specialist to join our small but dedicated Cyber Security team. The ideal candidate will serve as the go-to person for all technical expertise, guiding our team through the complexities of cyber threats and defenses.As the Cyber Security Specialist, you will be the cornerstone of our cyber security efforts. You will leverage your extensive experience and knowledge to design, implement, and maintain robust security architectures. Your strategic thinking and planning skills will be essential in developing and executing roadmaps and action plans to enhance our cyber security posture. You will collaborate closely with other IT professionals, management, and stakeholders to ensure our cyber security measures are proactive, comprehensive, and effective.Main Responsibilities1. Security Architecture Design:

• Develop and maintain comprehensive security architecture frameworks.
• Ensure security architecture aligns with business goals and regulatory requirements.
• Conduct regular security architecture reviews and risk assessments.

2. Strategic Planning and Roadmapping:

• Create and implement strategic cyber security plans and roadmaps.
• Identify and prioritize security initiatives based on risk assessments and business needs.
• Monitor and adjust strategies in response to evolving threats and technologies.

3. Cyber Security Interventions and Improvements:

• Lead the planning and execution of security interventions to mitigate identified risks.
• Implement improvements to existing security policies, procedures, and technologies.
• Develop and oversee the deployment of security solutions and tools.

4. Technical Expertise and Guidance:

• Act as the primary technical resource for the cyber security team.
• Provide expert advice on complex security issues and incidents.
• Mentor and train team members on best practices and emerging threats.

5. Incident Response and Management:

• Coordinate and manage response efforts to security incidents and breaches.
• Perform root cause analysis and develop strategies to prevent recurrence.
• Communicate incident status and impact to stakeholders effectively.

6. Collaboration and Communication:

• Work closely with IT, compliance, and business units to align security initiatives.
• Present security strategies and updates to senior management and stakeholders.
• Foster a culture of security awareness and proactive risk management across the organization.

Qualifications and Experience

• Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred.

• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP, CASP CISM, CEH, or equivalent.
• Expert understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense in-depth and common security elements.
• Minimum of 10 years of experience in Cyber Security, with a focus on security architecture and strategic planning.
• Experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and endpoint protection.
• Experienced in analyzing high volumes of logs, network data and other attack artifacts in support of incident investigations
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g.
• Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
• Experience with EDR technologies
• Understanding of mobile technology and OS (i.e. Android, iOS, Windows)

KPI'S

• Incident Response Time: Detect and resolve security incidents within the respective times according to industry standards.
• Architecture Compliance: Maintain 100% compliance in security architecture audits.
• Risk Mitigation: Complete risk assessments and mitigate risks.
• Training & Awareness: Conduct training sessions per quarter with 100% staff participation.

• Security Initiatives: Complete security initiatives on time and within budget
• Vulnerability Management: Reduce critical vulnerabilities.

• Incident Reduction: Achieve reduction in recurring security incidents within the required times according to industry standards.
• Project Delivery: Deliver security projects on time, within scope, and budget.
• Regulatory Compliance: Maintain compliance in regulatory audits and reviews.

Key competencies and skills

• Proven experience in designing and implementing security architectures and frameworks.
• Strong knowledge of current and emerging cyber threats, vulnerabilities, and mitigation techniques.
• A forensic approach to challenges
• A deep understanding of how hackers work and ability to keep up with the changing security landscape
• Ability to seek out vulnerabilities in IT infrastructures

Excellent analytical, problem-solving, and decision-making skills. * Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.

• Excellent problem-solving skills and the ability to analyze complex security issues.
• Effective communication skills with the ability to convey technical information to non-technical stakeholders.

Personal attributes

• Self-motivated and self-managed
• Able to communicate effectively, both written and verbal
• Be able to work with and in various teams within the organization
• Ability to work well under pressure
• Willingness to learn
• Have the ability to write clear and concise documents
• Report on progress and raise issues / problems if and when necessary
• Professionalism
• Analytical and problem solving capabilities
• Meticulous attention to detail

4cgroup