Cybersecurity Section Head Leader group

Key Responsibilities

• Cybersecurity Governance & Compliance
• Develop, implement, and enforce cybersecurity policies and risk frameworks.
• Ensure full compliance with:
• CST Cybersecurity Regulatory Framework (CRF)
• National Cybersecurity Authority (NCA) regulations
• ISO 27001, GDPR, and industry-specific mandates
• Lead internal and external cybersecurity audits and ensure continuous audit-readiness.
• Risk Management & Security Assessments
• Conduct vulnerability assessments (VAPT), risk analyses, and threat modeling.
• Oversee internal and external penetration testing programs.
• Produce risk reports with clear mitigation strategies.
• Security Operations Management (SOC)
• Supervise day-to-day SOC activities and lead threat detection and incident response.
• Manage SIEM & SOAR platforms (e.g., Splunk, QRadar, Rapid7 InsightIDR).
• Lead cyber incident handling, forensic investigations, and post-incident reviews.
• Infrastructure & Cloud Security
• Oversee security implementations across hybrid and multi-cloud environments (AWS, Azure, Oracle).
• Ensure infrastructure hardening, secure configurations, and access controls.
• Collaborate with DevOps teams to embed security (DevSecOps) in development pipelines.
• External Cybersecurity Services (Projects & Clients)
• Provide cybersecurity expertise to external digital transformation and compliance projects.
• Guide clients in meeting regulatory and operational security requirements.
• Lead delivery of security assessments, gap analysis, risk mitigation, and advisory.
• Security Awareness & Training
• Design and manage awareness campaigns (via KnowBe4 or similar platforms).
• Conduct training sessions for employees, clients, and executives.
• Promote a cybersecurity-first culture both internally and externally.