Professional Qualification and Certifications:

Bachelors Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
Certification in risk, information systems and/or security desired

Work Experience:

Minimum 3- 5 years of experience in IT security, Identity and Access Management (IAM), DLP experience, Cloud Security and Governance.

Knowledge and skills:

Knowledge of IT infrastructure, especially networks, server. Desktop and DLP
Proven experience as a Cyber Security Engineer with a focus on Symantec DLP solutions.
In-depth knowledge of Symantec DLP architecture, components, and capabilities.
Strong understanding of data classification, encryption, and data loss prevention techniques.
Hands-on experience in designing, configuring, and managing DLP policies and rules.
Familiarity with regulatory requirements
Excellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues.
Effective communication skills, with the ability to convey technical concepts to non-technical stakeholders.
Knowledge of Third-party Risk management. Conducting Risk assessment and Cloud assurance.
Experience in security management, security and network architecture and/or design
Experience in implementing and maintaining IT security processes
Experience in creating and reviewing IT security policies for compliance
Skills and knowledge in data privacy, best practices such as; defence in-depth, least privileges, need-to-know, separation of duties, access controls, encryption

Key Processes Supported:
This role supports to following critical Head Office processes:

Interpret cyber security and corporate risk, and governance frameworks
Develop applicable policies and standards
Monitoring and reporting
Ensuring policy compliance
Perform daily, weekly, monthly system health checks for VPN, F/W and Proxy
Implement approved configuration/rule changes for VPN, F/W and Proxy
Ensure application/system security and availability thru load balancing and optimisation (F5)
Run adhoc reports for VPN, F/W and Proxy
Respond to P1, P2 and P3 Events and Alerts
Fine Tune Use Cases with SOC and OPS
Work with SOC to analyse threat intelligence and technical analysis
Conduct Cyber Incident Exercises to test preparedness
Set and implement user access controls and identity and access management systems
Monitor network and application performance to identify and irregular activity
Perform regular audits to ensure security practices are compliant
Deploy endpoint detection and prevention tools to thwart malicious hacks
Set up patch management systems to update applications automatically
Implement comprehensive vulnerability management systems across all assets on-premises and in the cloud
Document network, system, and application user access control procedures and feedback to management to update policies and processes when vulnerabilities are uncovered
Central point for all IT systems access requests for services or information
Validate legitimacy of requests; ensure proper approvals and execute per the access policies, regulations and procedures
Develop and maintain user access application inventory
Distribute access control reports to support periodic reviews
Provide required Management Information Reports
Work with business stakeholders and participate in company projects to ensure that onboarding of new applications is managed in alignment with data governance policies.
Develop and implement regular access control process improvements
Heightened awareness of Cyber Security.
Share Vulnerabilities/Threats discovered and Mitigation Strategies with the user community
Inform stakeholders about inappropriate use of IT systems/Services
Perform vulnerability testing, risk analyses and security assessments
Respond immediately to security-related incidents and provide a thorough post-event analysis
Update and upgrade security systems as needed
Define, implement and maintain corporate security policies and procedures
Plan, research and design robust Security Architectures and Strategies for IT and OT projects
Act as an SME for Cyber Security related issues
Conduct technical risk assessment to capture security exceptions and design associated controls