Cyber Security

Job Description

The Cybersecurity Subject Matter Expert (SME) serves as a trusted authority on cybersecurity practices, policies, and technologies. This role provides guidance, strategic direction, and technical expertise to ensure the confidentiality, integrity, and availability of organizational information assets. The SME collaborates with IT, security teams, business units, and external stakeholders to design, implement, and optimize cybersecurity programs aligned with industry standards, regulatory requirements, and organizational objectives.

Key Responsibilities:

*

Provide expert guidance on cybersecurity policies, standards, frameworks, and best practices (e.g., ISO 27001, NIST, CIS, GDPR).

*

Advise executive leadership on risk, threat landscape, and mitigation strategies.

*

Develop and recommend cybersecurity roadmaps, frameworks, and governance models.

*

Lead complex security architecture designs and assessments for networks, systems, applications, and cloud environments.

*

Provide deep technical guidance on security tools and solutions (e.g., SIEM, EDR, firewalls, vulnerability management, cloud security).

*

Evaluate emerging cybersecurity technologies and assess their suitability for organizational adoption.

*

Perform risk assessments, threat modeling, and vulnerability analyses.

*

Ensure adherence to regulatory, legal, and contractual cybersecurity requirements.

*

Support internal and external audits, providing expert responses to security queries and findings.

Incident Response & Investigation

*

Provide expertise during cybersecurity incidents, including containment, investigation, and remediation.

*

Analyze complex security events and recommend mitigation strategies.

*

Mentor SOC and IT teams in advanced incident response techniques.

Policy, Procedure, & Standards Development

*

Develop, review, and update cybersecurity policies, procedures, and operational standards.

*

Ensure alignment of security processes with business objectives and risk appetite.

Training & Knowledge Sharing

*

Act as a mentor and coach for security teams, IT staff, and business units.

*

Conduct training, workshops, and awareness programs to improve organizational security posture.

*

Collaborate with IT, DevOps, Legal, and business units to integrate security into business processes.

Skill

years of relevant experience

Typical skills include:

*

In-depth knowledge of Security technologies, and best practices.

*

Individually responsible for the design and scope of deliverables in Security Technologies

*

Expert level proficiency

*

Proven experience in client-facing roles, with a strong track record of successfully delivering Security Solutions

*

Strong understanding of security standards and regulatory requirements (e.g., GDPR, HIPAA, SOX, PCI DSS).

*

Excellent problem-solving, analytical, and communication skills.

*

Relevant certifications (e.g., CISSP, CISM) are highly desirable

*

Ability to lead and coordinate incident response activities effectively, including identifying and analyzing security incidents, containing the damage, and implementing remediation measures.

*

Strong leadership skills to manage and mentor a team of security professionals. Should be able to inspire, motivate, and empower team members to achieve security objectives.

*

Excellent communication skills to effectively communicate security risks, incidents, and mitigation strategies to stakeholders at all levels of the organization. This includes writing clear and concise reports, presenting findings to management, and fostering collaboration with other departments/ Business.

*

Ability to think critically and analytically to solve complex security problems. Should be able to quickly assess situations, identify root causes, and implement solutions to address security issues.

*

Commitment to continuous learning and improvement in security practices and processes. This involves staying updated with industry best practices, participating in training programs, and driving initiatives to enhance the security posture of the organization.

*

Ability to collaborate effectively with other teams such as IT, legal, compliance, and risk management to align security efforts with broader organizational goals and objectives.

Qualification & Experience

*

Bachelors degree in engineering (Electronics, Communication, Computer Science)

*

years of relevant experience in Identity & Access Management

*

Should possess in-depth technical expertise in IAM solutions, architectures, best practices and technologies (Microsoft Entra, Microsoft Azure AD, Okta, SailPoint, Ping Identity, etc.)

*

Strong client relationship management and advisory skills.

*

Effective communication and presentation abilities.

*

Project management skills, with a focus on delivering high-quality results.

*

Ability to work independently and collaboratively in a team environment.

*

Continuous learning and adaptability to new technologies and trends.

*

Other Cyber Security certifications, such as CISSP, CRISC, CISM, SANS, SABSA, OSCP are an added advantage.