Cybersecurity Practice Lead at Vendease

Job Summary

We are looking to engage a Cybersecurity Practice Lead to oversee and manage the development, implementation, and maintenance of our cybersecurity practice. The ideal candidate will be responsible for establishing and executing a comprehensive cybersecurity strategy that aligns with our business objectives.

Responsibilities

• Develop and implement a comprehensive cyber security strategy and roadmap for the organisation.
• Establish and enforce cyber security policies, procedures, and guidelines in compliance with industry standards and regulations such as ISO, NIST, NDPR, PCI-DSS, and GDPR, by implementing appropriate controls, conducting regular audits, and coordinating with relevant regulatory bodies.
• Conduct regular risk assessments and vulnerability assessments to identify potential threats and vulnerabilities.
• Review code and ensure secure coding practices are followed throughout the software development lifecycle.
• Perform penetration testing to identify vulnerabilities in systems, networks, and applications.
• Collaborate with IT and other relevant departments to ensure security measures are integrated into systems and applications.
• Monitor and respond to security incidents, conduct investigations, and implement incident response procedures.
• Stay updated on the latest cyber security threats, trends, and technologies to continuously improve the organisation's security posture.
• Conduct security awareness training programs for employees to promote a culture of cyber security awareness.
• Lead the development and implementation of security controls, including firewalls, intrusion detection systems, encryption mechanisms, and access controls.
• Coordinate and oversee third-party security assessments and audits.
• Manage relationships with external vendors and service providers related to cyber security.
• Collaborate with legal and compliance teams to ensure data protection and privacy regulations are followed.
• Maintain documentation of cyber security policies, procedures, and incident response plans.
• Provide regular reports and updates on cyber security metrics, incidents, and ongoing initiatives to senior management.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are strongly preferred.
• Proven experience in developing and implementing cybersecurity strategies, preferably in a leadership role.
• Strong knowledge of industry regulations and standards (e.g., ISO, NIST, NDPR, PCI-DSS, GDPR) and their practical implementation.
• Demonstrated ability to lead and manage a team of cybersecurity professionals, fostering a collaborative and high-performance work environment.
• Experience in conducting risk assessments, vulnerability testing, and incident response planning.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with internal and external stakeholders.
• Strong analytical and problem-solving abilities, with a proactive approach to identifying and mitigating security risks.
• In-depth understanding of emerging cybersecurity threats and trends, and the ability to translate them into actionable recommendations for the organization.

Experience & Education:

• Bachelor's or Master's degree in Computer Science, Cybersecurity, or a related field.
• At least 5 years of experience in cybersecurity, with a proven track record of successfully leading and managing a cybersecurity team.