Head of Cyber Security

Manage assigned resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) and network security objectives to reduce overall organizational risk, consistent with the organizational cyber design strategy. Participate in the creation, review, and implementation of the security strategy for the coordinated area. Lead the implementation of NIS2 requirements across IT, network and digital infrastructure. Define and maintain security governance aligned to global and local policy and regulation. Implement enhanced risk-management practices across supply chain and incident response. Act as primary liaison with authorities and regulatory bodies regarding cyber security reporting obligations. Provide structured reporting to executive committees and company-wide forums. Ensure management-body accountability and support for cybersecurity risk management. Develop and maintain KPIs for threat detection, vulnerability reduction, incident response, and compliance posture. Act as the first level of escalation for prioritising requests within the managed team. Responsible for the quality of the team's results and alignment with applicable policies and procedures. Responsible for closing all findings identified as a result of internal or external audits within the managed area within the agreed timeframe. Provide support within the managed team for incident management requests. Provide support (coaching) to the managed team, ensuring communication of internal work procedures as well as specific security management standards applicable in the coordinated area. Set measurable objectives for the annual performance process in accordance with organisational objectives and evaluate the performance of the managed team members with actionable feedback at least twice a year. Represent the cybersecurity function in governance forums applicable to the managed area, including by providing regular status updates on current progress and potential bottlenecks. Review and sign off on the accuracy of the risk registers applicable to the area of responsibility. Identify training, preparation and prioritisation needs for the annual skills plan of the managed team. Project Management. Risk Management. Information Security. Knowledge of the organisation's information technology (IT) and digital and artificial intelligence, network and business goals and objectives. Knowledge of network security architecture concepts, including topology, protocols, components and principles (e.g., applying defence in depth). Knowledge of system performance and availability measures or indicators. Knowledge of applicable laws and regulations regarding information security for telecommunications and digital service providers. Knowledge of laws, policies, procedures or governance relevant to cybersecurity for critical infrastructures. Knowledge of IT supply chain security and supply chain risk management policies, requirements and procedures. Knowledge of current and emerging threats/threat vectors. Knowledge of sources of vulnerability information dissemination (e.g., alerts, warnings, errata, and bulletins). Knowledge of threats and vulnerabilities to system and application security Knowledge of what constitutes a network attack and the relationship of a network attack to both threats and vulnerabilities. Knowledge of penetration testing principles, tools, and techniques. Understanding of local and group cybersecurity policies and procedures Note: Experience is more relevant compared to training and certifications Strategy: Ability to plan long-term goals, think strategically with available resources. Projects: Ability to measure and control delivery, plan resources, and meet project management objectives. Team: Teamwork skills, timely and accurate reporting of information essential to meeting team objectives. Personal profile: Able to set priorities for coordinated team, problem-solving orientation, negotiation skills, follow-up and adherence to deadlines, adherence to rules and procedures. Other: Word processing, spreadsheets, graphics, programming, English, and written communication. University Degree: IT/Telecom Studies Minimum 8 years of experience in Cyber field Experience in team management and coaching Experience in risk management Good understanding of communication protocols Windows/Linux knowledge Knowledge of network principles DBMS knowledge Experience in adopting ISO27001 Certifications in the field of information security CISA, CISSP, CISM, CRISC, CCNA, etc.