We are looking for a Cybersecurity Director that will manage the entire lifecycle of vulnerabilities from discovery, triage, advising, remediation, and validation.

He/she will be also responsible for management of internal and external penetration tests, track to completion and create metrics to demonstrate progress and maturity.

Included in this global role, would be the following tasks:

• Perform comprehensive vulnerability assessments using best in class solutions.
• Review security vulnerabilities across a variety of technologies and environments.
• Validates the vulnerabilities identified against the different frameworks.
• Monitor, detect, and analyze cybersecurity threats using a variety of security tools.
• In close contact with our external SOC, you are responsible for the continuous monitoring of the information security landscape and responding security events.
• Perform deep-dive incident analysis by correlating data from various sources.
• Collaborate with incident responders in steps to investigate and resolve information security incidents.
• Producing effective metrics, dashboard and reports.
• Keep up to date with current vulnerabilities, attacks, and countermeasures.
• Develop and improve information security processes.
• Responsible for conducting regular phishing tests and trainings for users on how to deal with cybersecurity threats.

Required profile:

Education:

Preferably, Bachelor degree in Information Security, Computer science or equivalent. Official certification like CISSP, CISM, ITILv4 will be valuable.

Certification in SC-400 (Implement Information Protection in Microsoft 365) and SC-200 (Mitigate threats using Microsoft Defender XDR) will be valuable.

Professional Experience:

We are looking for a senior profile, fluent in English, with, at least 5 years of related professional experience in Information and Cybersecurity environment, Information Security Analyst or similar role.

The following knowledge would also be an asset:

• Experience in ISO 27001 and/or IEC 62443.
• Good knowledge of Advanced Persistent Threat detection, data loss prevention, vulnerability analysis and mitigation, Public Key Infrastructure, communications and information encryption.
• Understanding of security baselines for Microsoft 365 solution.
• Experience with information security penetration testing and techniques.
• Experience working in a project management, implementing and coordinating cybersecurity action plan.
• Knowledge of information security landscapes like Firewalls, Proxies, SIEM, Anti-Malware, IDS…etc.
• Handling of security risk management methods.

Skills:

• Strong conceptual thinking, troubleshooting and analytical skills.
• Highly organized, detailed oriented and completeness.
• Pro-active and eager to learn.