GRC Techno Manager

Cyber

• Responsible for safeguarding an organizations information technology infrastructure and data from potential threats, vulnerabilities, and cyberattacks
• Develop and implement comprehensive security strategies and policies to protect the organization’s assets and data
• Design, configure, and deploy security infrastructure components such as firewalls, intrusion detection/prevention systems (IDS/IPS), secure access controls, encryption mechanisms, and security

information and event management (SIEM) solutions

• Proactively conduct regular risk assessments and vulnerability analysis, Security Audits to identify potential security threats and weaknesses
• Review vulnerability assessments, penetration testing reports, and security audits to identify weaknesses and vulnerabilities in IT systems and applications
• Work closely with GRC team, review and implement corrective actions for GRC recommendation, audit observations and non-conformances.

Additional Responsibilities:

• Threat Monitoring & Detection:

  Continuously monitor security alerts and events across all systems using SIEM tools and other monitoring platforms. Identify, analyze, and respond to security threats in real-time.

• Incident Response:

  Lead Incident Response team

• Vulnerability Management:

  Regularly assess and prioritize vulnerabilities, patch systems, and work with IT teams to implement secure configurations and updates.

• Security Tool Management:

  Configure, maintain, and optimize security tools, including firewalls, intrusion detection/prevention systems, antivirus software, and endpoint protection.

• Forensics & Analysis:

  Conduct forensic investigations to collect, analyze, and preserve evidence related to security incidents.

• Security Reporting & Documentation:

  Review reports on security incidents, vulnerabilities, and performance of security systems.

Requirements:

• Educational Background:

  Bachelor’s degree in Computer Science, CyberSecurity, or a related field.

• Experience:

  Minimum of 10-20 years of experience in security operations, GRC
• Solid understanding of threat intelligence and incident handling frameworks (e.g., MITRE ATT&CK, NIST).
• Proficiency with SIEM tools (e.g., Splunk, QRadar, LogRhythm) and other security monitoring solutions.
• Strong knowledge of networking protocols, firewall management, and intrusion detection/prevention systems.
• Experience with scripting languages (e.g., Python, PowerShell) for automation of tasks.
• Familiarity with forensic tools and methodologies (e.g., EnCase, FTK).

• Soft Skills:

  Strong problem-solving abilities, attention to detail, effective communication skills, ability to work under pressure, and a collaborative mindset.

Preferred Qualifications:

• Security certifications such as CEH, GCIH, GCIA, or CISSP.
• Experience with cloud security (e.g., AWS, Azure, GCP) and securing cloud environments.
• Knowledge of regulatory and compliance requirements (e.g., PCI-DSS, GDPR).