Cybersecurity Manager

Job Summary:

The Cybersecurity Manager leads the organization’s cybersecurity operations with a strong hands-on approach, focusing on real-time threat detection, incident response, and risk mitigation. The role is responsible for monitoring security events, conducting log analysis, managing incident triage, containment, investigation, and remediation, while leveraging deep expertise in network protocols, security technologies, and attacker methodologies. Additionally, the role contributes to strengthening the organization’s cyber defense posture by analyzing system behaviors, identifying vulnerabilities, and continuously enhancing security controls and processes.

Responsibilities:

Operational Security & Incident Response Management

• Lead hands‑on incident investigations, root-cause analysis, and real-time incident containment.
• Perform real‑time containment of threats, malware analysis, and attack path reconstruction.
• Drive alert triage from SIEM, EDR, firewalls, mail gateways, DNS security, and cloud platforms.
• Develop and tune detection rules to improve signal‑to‑noise across security tools.

Threat & Vulnerability Management

• Conduct vulnerability scans, confirm exploitability, and prioritize remediation.
• Perform threat hunting and anomaly investigations across on‑prem and cloud workloads.
• Analyze unusual traffic patterns, authentication anomalies, cloud events, and endpoint behavior.
• Track latest TTPs (MITRE ATT&CK) and implement preventive controls.

Infrastructure Security

• Deep understanding of TCP/IP, TLS, SMTP, DNS, VPN , and enterprise network flows.
• Oversee hardening of servers, endpoints, applications, and cloud environments.
• Ensure secure configurations for AD, M365, Azure/AWS, conditional access, MFA, privilege boundaries network devices, and perimeter firewalls.

Security Tools Management

• Operate and optimize EDR, SIEM, email security, DLP, WAF, IDS/IPS, and PAM solutions.
• Evaluate new tooling and design detection strategies against emerging threats.

Governance

• Understanding of frameworks (ISO 27001, NIST, CIS).
• Maintain core technical playbooks (IR runbooks, DR steps, containment guides).
• Maintain essential policies and procedures (incident response plan, DR playbooks, acceptable use).
• Ensure compliance with PDPL, GDPR, NIST CSF.

Collaboration & Leadership

• Work with IT Infrastructure, Applications, Cloud, and Business Units to resolve cyber risks.
• Provide technical guidance to junior cybersecurity engineers.

Knowledge, Skills & Experience:

• Bachelor’s degree in computer science, Information Security, or a related field.
• 8-10 years of hands‑on cybersecurity experience (incident response, SOC, threat analysis).
• Strong hands-on experience in detection, response, risk, and governance.
• Ability to design and run cybersecurity programs.
• Experience managing or mentoring small teams.
• Proven ability to independently lead technical investigations.
• Relevant certifications such as CISSP, CISM, CRISC, CYSA+, CCNA Cybersecurity, GIAC (GCIA / GCED / GCIH).