IT Security Lead

Job Description
As the IT Security Lead you will be responsible for protecting the organization’s digital assets and ensuring a strong security posture across all technology domains. You will collaborate closely with our SOC provider and internal teams to implement best practices manage risks and respond effectively to security incidents.

Key Responsibilities

Infrastructure Security
-Design security architecture and roadmaps for critical infrastructure.
-Oversee the deployment and management of security tools including:
Intrusion Prevention Systems (IPS)
Security Information and Event Management (SIEM)
Malware proxies
Network and system access controls
Firewalls
Authentication mechanisms
Enterprise monitoring solutions

Network Security
-Partner with network teams to strengthen security across LANs WANs VPNs routers and wireless networks.
-Implement and maintain network and application firewalls to safeguard communications.

AI Security
-Keep up to date with emerging AI-related security risks.
-Assess monitor and mitigate potential risks associated with AI technologies.

BYOD Security
-Develop implement and enforce policies for Bring Your Own Device (BYOD).
-Ensure personal devices are securely integrated into the corporate environment.

Risk Management
-Conduct regular risk assessments and create effective mitigation strategies.
-Collaborate with business stakeholders to identify prioritize and manage risks.

Malware Protection
-Deploy and manage antivirus and anti-malware solutions.
-Continuously monitor and respond to virus and malware-related incidents.

Security Awareness & Training
-Partner with vendors to design and deliver security awareness programs.
-Plan and execute phishing simulation campaigns to train employees in recognizing threats.

Incident Monitoring & Response
-Communicate security risks and recommendations to senior leaders and stakeholders.
-Review refine and optimize SIEM alerts and systems.
-Contribute to enterprise vulnerability management.
-Lead or support incident response escalation and resolution efforts.

Leadership & Guidance
-Provide mentorship and security guidance to junior CSIRT members and other business units.
-Strengthen the organization’s forensic investigation capabilities while minimizing disruption to operations.
-Participate in endpoint forensic analysis and investigations.

Qualifications:

• Education: Bachelor’s or Associate Degree in Computer Science Information Technology Engineering Technical Education Information Security Business or other related fields.

• Certifications: Possession of relevant certifications such as CISSP NRA FLS ITIL SANS BLS CCNA PSP CPP CISA CISM IAM IAT or ISO is preferred.

• Skills and Competencies:

  • Strong grasp of network security principles and best practices.

  • Understanding of AI security frameworks and risk implications.

  • Proven ability to develop implement and enforce security policies.

  • Experience in risk assessment and mitigation planning.

  • Knowledge in virus and malware protection strategies.

  • Proficiency in Vulnerability Assessment and Penetration Testing (VAPT) processes.

  • Hands-on experience with scripting languages such as Java Perl Ruby or Python.

  • Additional desirable expertise includes policy formulation risk evaluation role-based access control firewall and intrusion detection systems and familiarity with industry standards and regulatory compliance trends.