Senior Cyber Security Manager

The Cyber Security Manager is responsible for overseeing operations related to XLink IT and Network risks including managing audits reviews and ensuring compliance and governance across the technology environment. The Cyber Security Manager is responsible for coordinating inter-group cybersecurity functions including technology governance and resiliency while driving initiatives to strengthen the organizations cybersecurity posture.

The Cyber Security Manager is also responsible for supporting the planning and execution of company and group strategies budgets and deliverables aligned with cybersecurity objectives.

Required Skills:

Impact on the business

• Coordinate delivery and assessment of cyber security baselines (CSBs) across XLink relevant business areas and processes
• Design effectively and efficiently implement Cyber Security controls and requirements across the XLink environment.
• Own demand planning and forecasting for Technology security for all systems services and processes within the portfolio working together with vendors and internal customers
• Drive lead and manage the ISO27001 Information security management system (ISMS) for its successful operations
• Drive lead and manage the King IV Technology governance for its successful operations
• Ensure all XLink products services and projects are compliant to the XLink minimum security requirements and Cyber Security Baselines (CSBs).
• Responsible for the set-up execution and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
• Management of the vulnerability scanning patching and penetration tests and tracking resolution of vulnerabilities and patches in XLink systems per the relevant XLink security policies
• Coordinate all internal and external audits around Technology systems and processes ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines
• Perform risk assessments across Technology areas provide risk reports (including risk management committee reports and audit committee reports) to management as and when requested

Customers supplier and third parties

• Ensure compliance with Legal Regulatory and key stakeholders requirements across the Technology domains
• Responsible for monitoring of compliance of the Cyber security managed services contract to ensure it is within agreed SLA
• Responsible for validation timely completion and accuracy of Technology audit checklists and user access rights reviews
• Coordination of analytical processes and incident response measures
• Ensure proper implementation projects and change management processes compliance for all planned and emergency changes in Technology systems

Leadership Planning and Human Resource Management

• Manage all the Cyber security budgets and planning in alignment with the company and Group strategy
• Manage the Cyber security subordinate resources (FTEs and contractors) for their tasks/job descriptions effective implementations
• Skills development within Cyber security department
• Performance Management of the Cyber security team
• Provide input to Security Policies and requirements on Technology security methods and technologies
• Implement and measure compliance of the XLink cyber code across all users
• Provide regular and accurate management reporting on Cyber security service performance
• Build and manage relationships with key stakeholders to disseminate information and drive mitigating actions.

Innovation and change

• Manage the Security and Privacy by Design Assurance (SPDA) processes of the GDPR and business requirements
• Continually assess and review security policies and controls to support business requirements and changing security landscapes
• Drive continuous improvement through simplification of key cyber security processes
• Set-up of analytics framework and tools

Communication

• Work closely with the projects management team to ensure secure development of software codes and products is adhered and maintained throughout the software development life cycle
• Drive internal and third party service review meetings covering performance service improvements quality and processes
• Make recommendations for Cyber security service Improvement Plans and ensure actions are followed through to completion in a timely manner
• Perform information security awareness and training to all XLink users and third-party vendors and monitor effectiveness of the awareness and trainings Driving incident planned and emergency communication processes to both internal and external audience.
• Perform any other task that may be assigned to him/her from Technology or senior management

Key performance indicators

• Quality and timeliness of architecture design documents reports assessments and other requested information.
• Maintaining the agreed SLAs
• Satisfactory results and performance in Internal and External audits
• Security-related delays for projects/products launch avoided
• CSB scores within a committed range
• No timeline breaches in any requests
• Maintaining a good Customer experience with no security risks
• Security Incidents reduction and mean time to initial acknowledge response and remediation
• Quality and timeliness of post cyber incident root cause analysis and cyber incident reports analytics and information.