Senior Specialist Cyber Security Defense

Role: Specialist - Cyber Security Defense

Responsibilities:

• Coordinate operations of Cyber Security Defend stakeholders and team.
• Implement, upgrade, maintain, and refine End-to-End Security Monitoring.
• Manage Proactive & Reactive Security Incident Management Processes, Communication, and Response Plans in a timely manner.
• Facilitate implementation, management, and optimization of Cyber Defense policies, standards, and procedures.
• Ensure adequate CAPEX/OPEX budget allocation, resources, and management focus on cyber security risks.
• Implement actions to address risks, Audit & Reviews (Internal and External) on Security Monitoring and Incident Management.
• Drive improvement of the company's Cybersecurity posture through various initiatives, including Cyber Security Baselines.
• Act as a Local Cybersecurity ambassador in the respective Market and support the Group Cybersecurity Mission.

Key Roles and Impact on the Business:

• Coordinate optimization of Operational & Monitoring Dfense cyber security baselines (CSB) controls across all relevant business areas and processes.
• Optimize and maintain Monitoring Cyber Security controls and requirements across environments.
• Ensure compliance and third-party systems products, services, and projects with the minimum security Monitoring requirements and Cyber defense Cyber Security Baselines (CSBs).
• Set up, execute, and maintain the security incident management and coordination process in conjunction with incident management capabilities.
• Support internal and external audits around Technology systems and processes, ensuring systems are free from known Technology audit findings and any audit findings are addressed within agreed timelines.

Qualifications:

• Degree in Electrical Eng/Computer Science/information Technology or equivalent Technology-related degree.
• Professional Information Security Qualification: CISSP/CISM/CISA.
• Advanced competencies in Network Security: CCNP or CCIE (Security).
• Advanced competencies in Microsoft, Linux, or Unix Operating Systems administration.
• Advanced competencies experience in Information Security Technologies.

Skills and Experience:

• Minimum of 3 years focused Security experience in Incident Management, Intrusion Analysis, Network troubleshooting, or Reverse Engineering.
• Minimum of 2 years Security tooling management and deployment experience with Forensic tools, Security Logging, and EDR Tooling.
• Preference for Minimum One Year experience working with Vodacom/Vodafone Cyber Defence team.
• Experience in design, delivery, and support of Information Security solutions to customers will be an added advantage.
• Strong communication skills, teamwork, and analytical thinking.
• Project management skills, proven task execution, superior report writing skills.

Other Roles:

Customers, Supplier and Third Parties:

• Support compliance with Legal, Regulatory, and key stakeholders requirements across the Technology domains.
• Monitor compliance of the Cybersecurity Monitoring and Incident services contract to ensure it is within agreed SLA.
• Coordinate analytical processes and incident response measures.
• Ensure proper monitoring implementation and change management processes compliance for all planned and emergency changes in Technology systems.

Leadership, Planning and Human Resource Management:

• Manage Cybersecurity CAPEX/OPEX budgets and planning, aligned with the company and Group strategy.
• Manage Cybersecurity subordinate resources (FTEs and contractors) for effective task/job descriptions implementation.
• Skills development within the Cybersecurity department.
• Performance Management of the Cybersecurity team.
• Provide input to Security Policies and requirements on Technology security methods and technologies.
• Support Implementation and enforcement of the cyber code across all users.
• Provide regular and accurate management reporting on Cybersecurity service performance.

Innovation and Change:

• Maintain the Incident management & Monitoring (SPDA) processes of the GDPR and business requirements.
• Continually review and enforce security policies and controls to support business requirements and changing security landscapes.
• Set up an analytics framework and tools.
• Drive continuous improvement through simplification of key cybersecurity processes.

Communication:

• Drive internal and third-party service review meetings covering performance, service improvements, quality, and processes.
• Make recommendations for Cybersecurity service Improvement Plans and ensure actions are followed through to completion in a timely manner.
• Support information security awareness and training to all users and third-party vendors.
• Drive incident planned and emergency communication processes to both internal and external audiences.