​

Operational:

• Implement and manage cybersecurity policies, procedures, and controls to safeguard the organization’s digital assets.
• Oversee day-to-day cybersecurity operations, including incident response, threat detection, and vulnerability management.
• Monitor and analyze security events and incidents, ensuring timely response and resolution to mitigate risks.
• Conduct regular cybersecurity assessments and audits to identify weaknesses and ensure compliance with standards and regulations.
• Manage relationships with external cybersecurity vendors and service providers, ensuring effective collaboration and service delivery.
• Monitor the performance of managed service providers (MSPs) against agreed-upon service level agreements (SLAs) and key performance indicators (KPIs), ensuring adherence to contractual obligations.

Tactical:

• Develop and execute cybersecurity training and awareness programs for employees to enhance security awareness and compliance.
• Implement security controls and technologies to protect against emerging cyber threats and vulnerabilities.
• Collaborate with cross-functional teams to integrate cybersecurity into the organization’s systems and processes.
• Lead the investigation and response to security incidents, coordinating with internal and external stakeholders for effective resolution.
• Develop and maintain incident response plans and procedures to minimize the impact of security breaches.
• Conduct regular reviews and assessments of MSP performance, identifying areas for improvement and implementing corrective actions as necessary.

Strategic:

• Develop and implement a comprehensive cybersecurity strategy aligned with business objectives and risk management priorities.
• Identify emerging cybersecurity trends and technologies to enhance the organization’s security posture.
• Drive continuous improvement initiatives to strengthen cybersecurity controls and practices.
• Provide strategic guidance and recommendations to senior leadership on cybersecurity investments and priorities.
• Engage with industry forums and regulatory bodies to stay informed about evolving cybersecurity threats and best practices.
• Develop strategic partnerships with MSPs to enhance cybersecurity capabilities and support organizational growth objectives.

Financial Planning:

• Develop and manage the cybersecurity budget, ensuring cost-effective allocation of resources to address key priorities and initiatives.
• Evaluate cybersecurity investments and expenditures to ensure alignment with organizational goals and objectives.
• Identify opportunities for cost savings and efficiencies in cybersecurity operations and technologies.
• Track and report on cybersecurity-related expenses and ROI to demonstrate value to stakeholders.
• Collaborate with finance and procurement teams to negotiate contracts and agreements with cybersecurity vendors and service providers.
• Monitor and manage the financial performance of MSPs, ensuring that contracted services are delivered within budget and in line with agreed-upon terms.

Other Relevant Key Performance Areas:

• Regulatory Compliance: Ensure compliance with global cybersecurity standards and regulations, including GDPR, PCI DSS, and other relevant mandates.
• Risk Management: Identify and assess cybersecurity risks, develop risk mitigation strategies, and monitor risk levels to minimize organizational exposure.
• Stakeholder Engagement: Build and maintain strong relationships with internal and external stakeholders, providing regular updates and communication on cybersecurity matters.
• Innovation and Research: Stay abreast of emerging cybersecurity technologies and best practices, conducting research and pilot projects to assess their applicability and effectiveness within the organization.
• Incident Management: Lead the organization’s response to cybersecurity incidents, coordinating with internal teams and external partners to contain and remediate breaches effectively.

Supervisory / Leadership / Managerial Tasks:

• Has responsibilities for directing, guiding, motivating and influencing others. This is inclusive of ;
• Set clear directions, goals and objectives for direct reports and team
• Monitor progress and maintain progress and maintain motivation.
• Manage performance of team
• Manage Staff career discussions, training and development and ensure necessary actions/ interventions are put in place
• Create an enabling environment and culture for team to perform
• Involvement in the process of hiring talent

IT Security Responsibilities/ Tasks:

• Comply with all Information Security Policies and related documents
• Report security weakness/incidents to either the respective head of department or the Enterprise Information Security Manager
• Must not exploit known security weaknesses.
• Participate in all forms of Information Security Awareness
• Promote Continual improvement of Information Security
• Monitor compliance to the information security management system requirements by the Teams
• Communicate the importance of effective information security management to your teams
• Direct and support team/s to contribute to the effectiveness of the information security management system