Senior Information Security Specialist

Client of Xperts4

Key Responsibilities:
Develop, support, and advance strategies, policies, programs, and projects designed to continually improve and enhance cyber and information security posture and resiliency.
Oversee compliance with applicable laws, rules, and regulations related to cyber and information security
Collaborate with the compliance team to define and implement policies, standards, and guidelines that ensure proper logging of user activities and access to sensitive data, supporting insider risk management initiatives
Regularly review the operation of security controls and recommend changes designed to improve effectiveness and/or counter emerging risks
Make appropriate recommendations for security enhancements to the line manager or any external vendor providing services including tools, technologies, services, policies, procedures, and other areas as needed
Lead efforts to evaluate and select vendors for security assessments, penetration testing, and other similar security services
Work with multiple stakeholders (Internal and External) to identify areas for cyber risk reduction in the IT Infrastructure
Serve as a subject matter expert during internal and external security audits.
Lead and manage the response to security incidents, including investigation, containment, eradication, and post-mortem analysis.
Oversee and enhance security monitoring systems, ensuring appropriate alerts and timely analysis of security events.
Manage the vulnerability remediation lifecycle, coordinating patching and configuration changes with IT and development teams.

Qualifications and Skills:
Minimum 5 years of dedicated experience in an Information Security role, with at least 2 years in a senior or lead capacity.
Expert knowledge of network security technologies, including firewalls, VPNs, IDS/IPS, network access control (NAC), and secure network architecture.
Strong practical experience with public cloud security platforms, including Identity and Access Management (IAM), security group management, and cloud-native security services.
Deep understanding of operating system security ,virtualization, and container security
Hands-on experience with Security Information and Event Management (SIEM) tools, DLP tools ,log analysis, and developing custom detection rules.
Certifications such as CISSP, CISM, CEH, or CompTIA Security+ are highly desirable.

Key Competencies:
Excellent written and verbal communication skills, with the ability to explain complex security concepts to technical and non-technical audiences.
Fluency in French (written and spoken) is mandatory; English proficiency is also required.
Proven ability to lead and manage security projects and initiatives with minimal supervision.
Strong analytical and problem-solving skills for investigating and resolving security incidents and vulnerabilities.
Ability to work collaboratively with cross-functional teams (IT Operations, Software Development, Legal, etc.).
High ethical standards and commitment to confidentiality.
Flexibility to travel within the African continent as needed.
Willingness to undertake regular travel to entities on the African continent for security assessments, incident management, and project delivery, with flexibility for short-notice assignments.