OVERALL PURPOSE
The overall purpose of this position is to:
* Develop and Implement Security Policies: Create and enforce policies and procedures to protect the organization's information assets from unauthorized access, theft, and other threats.
* Conduct Risk Assessments: Identify threats and vulnerabilities, evaluate associated risks, and develop strategies to minimize risks and safeguard critical data and systems.
* Monitor Network and System Security: Oversee network and system security to detect and respond to breaches or incidents, ensuring security controls are effective and operational.
* Provide Security Training and Awareness: Educate employees on security best practices and their responsibilities for protecting sensitive information, using a constructive and engaging approach.
* Manage Security Incidents: Lead response efforts to contain and resolve incidents efficiently, coordinating with internal teams and external partners.
* Lead and Mentor Team Members: Provide leadership, guidance, and mentorship to develop the skills and expertise of the security team.
QUALIFICATIONS AND EXPERIENCE
* Bachelor’s degree in information security or equivalent experience
* Preferred certifications: CISSP, CCSP, GCIH, GSEC, GCFA, and Microsoft SC-100, 200, 300, 400, 500
* Extensive experience in information security, spanning architecture and operations
* Deep understanding of security technologies, standards, and best practices
* Proven leadership ability to build, develop, and inspire high-performing teams
* Skilled in creating and enforcing security policies and procedures
* Expertise in managing security incidents and conducting risk assessments
* Strong knowledge of emerging security threats and technologies
SKILLS
* Proficient in English at a business level
* Expertise in Microsoft 365, particularly its security features
* Extensive experience with SIEM tools like Sentinel or Splunk
* Strong knowledge of Microsoft Windows 11, Intune, Windows Server, Active Directory, PKI, and GPO
* Proficiency with EDR and EPP solutions, particularly Microsoft E5 Security Suite
* Familiarity with Infrastructure as Code principles and automation
* Knowledge of Threat Intelligence is a plus
* Experience in supporting penetration testing engagements
* Eager to learn and adapt to new technologies in a rapidly changing environment
* Highly organized, responsible, and flexible
* Skilled in scripting with a solid understanding of regular expressions
* Good understanding of general IT systems and TCP/IP networking
COMPETENCIES AND BEHAVIOURS
* Strong communication skills with the ability to collaborate effectively with virtual teams
* Highly organized and capable of managing hybrid infrastructures
* Passionate about Microsoft 365, Azure technologies, and security practices
* Good knowledge of traditional Microsoft Active Directory environments
* Proven analytical and problem-solving abilities
* Deep curiosity and enthusiasm for security, incident detection, and threat hunting
* Skilled at prioritizing and executing tasks in high-pressure environments
* Ability to design innovative, cost-effective solutions