We are seeking a dedicated and experienced Cyber Security Manager to join our team. This role will involve managing our organisation’s cyber security strategy and overseeing the implementation of security protocols and procedures. Your primary goal will be to ensure that our data and infrastructure are protected from all types of cyber threats. Your duties will include:
Security Management and Oversight:
· Develop, implement, and maintain comprehensive cyber security policies, procedures, and guidelines.
· Monitor and manage security systems, including firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions.
· Conduct regular security assessments and vulnerability scans to identify and mitigate risks.
Support Team Collaboration:
· Work closely with the IT support team to provide security-related guidance and support.
· Assist in troubleshooting, resolving, and managing security-related incidents and issues reported by the support team.
· Ensure the support team is trained on security best practices and emerging threats.
Incident Response and Management:
· Lead the incident response team in the event of a security breach or cyber-attack.
· Investigate security incidents, analyse root causes, and implement corrective actions to prevent future occurrences.
· Maintain and update the incident response plan, ensuring readiness for various cyber threats.
Security Awareness and Training:
· Develop and deliver security awareness training programmes for all employees.
· Conduct regular phishing simulations and other training exercises to enhance staff awareness and preparedness.
· Provide ongoing education and updates on the latest cyber security trends and threats.
Technical Expertise and Innovation:
· Stay current with emerging cyber security technologies and trends.
· Recommend and implement innovative security solutions to enhance our overall security posture.
· Collaborate with vendors and partners to ensure the effective implementation of security technologies.
Patch Management:
· Develop and Enforce Patch Management Policies: Create comprehensive policies that mandate regular updates of all software and hardware. These policies should define timelines for patch deployment following the release of patches to address security vulnerabilities.
· Automate Patch Deployment Processes: Utilize automated tools to ensure timely and consistent application of patches across all systems. Automation helps in reducing human error and the manpower required for patch deployment.
· Monitor Patch Compliance and Effectiveness: Regularly monitor and report on patch coverage to ensure no device or application is left vulnerable. This involves tracking patch deployment status and verifying the effectiveness of each patch in mitigating identified risks.
Resolving Patch-Related Issues:
· Rapid Response to Patch Failures: Establish protocols for quickly addressing failures in the patch deployment process. This includes immediate rollback procedures and troubleshooting methodologies to restore system functionality without compromising security.
· Test and Validate Patches before Deployment: Implement a controlled testing environment to validate patches against critical systems and applications before full deployment. This helps in identifying potential issues that can cause system disruptions or compatibility problems.
· Educate and Train IT Staff on Patch Management: Provide targeted training to IT support staff on the intricacies of patch management, including how to handle patch failures and security implications of delayed patch application.
#J-18808-Ljbffr