Network & Cybersecurity Officer

The Network & Cybersecurity Officer will be responsible for identifying, recommending, and implementing cybersecurity technologies and mitigating measures for the company.

Principal Duties and Responsibilities

• Responsible for the research and analysis of international cybersecurity standards, products and making recommendations to the Network & Security Manager.
• Proactive review and update of documented cybersecurity policies & procedures based on changing industry standards and trends. Assisting the Network & Security Systems Manager with the enforcement of such policies.
• Review of NIST CSF framework adaptations and providing reports and recommendations on the impact to compliance.
• Proactive daily review of “common vulnerabilities / exposures” (CVEs) and providing reports on if it impacts the company's systems and recommendations for mitigation.
• Monitoring and administration of the company’s NDR and EDR solutions, working with vendors, researching, investigation and reporting of alerts.
• Conducting proactive audits on active directory and ensuring security best practices are applied.
• Proactive monitoring of company’s IOT devices, making recommendations for the security of such.
• Works with the ICT Technician to ensure IT asset register is proactively updated, prioritizing ICT assets such as hardware and software in terms of its level criticality to the organization.
• Responsible for building and maintaining the ICT configuration database for all hardware and software systems while liaising with the Network & Security Systems Manager for change management.
• Assist the Network & Security Manager in building and maintaining the security risk register as well as providing recommendations for mitigating risks.
• Responsible for the proactive oversight / execution of the vulnerability management and patch management programs.
• Responsible for the proactive review and execution of the incident response plan which includes the investigation and analysis of security incidents, details of evidence and completion of reports / lessons learnt. It will also include the coordination of proactive tabletop exercises.
• Responsible for the proactive execution of the security awareness program, ensuring that annual staff training is conducted as well as the execution periodic phishing tests.
• Assisting the Network & Security Systems Manager and ICT Technician in Privileged Account Management making recommendations for various use cases and overseeing its deployment.
• Assisting the Network & Security Systems Manager in assessing and managing third party risks such as ICT vendors and any external entity that electronically interfaces with the company's systems.
• Assist the Network & Security Systems Manager with audits and compliance assessments, tracking progress of the company’s security score ratings.
• Conducting training when and where necessary on security processes and procedures.
• Supports the development and maintenance of a team environment by performing other related duties.
• Liaising with external customers/vendors/security consultants as and when necessary.
• Other related duties as assigned.