Security Operations & Threat Management:

• Monitor and analyze security events, detect vulnerabilities, and respond to security incidents.
• Implement firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
• Perform penetration testing, vulnerability assessments, and security audits.
• Investigate security breaches and recommend remediation strategies.

Risk Management & Compliance:

• Assess and mitigate cyber risks to protect organizational data and systems.
• Ensure compliance with cybersecurity frameworks and standards such as ISO 27001, NIST, GDPR, and PCI DSS.
• Develop and enforce security policies, procedures, and best practices.
• Collaborate with legal and compliance teams to address regulatory requirements.

Infrastructure & Data Protection:

• Implement and manage encryption, access controls, and identity management solutions.
• Secure cloud environments (AWS, Azure, Ali Cloud or Google Cloud) and on-premises infrastructure.
• Oversee secure software development practices and ensure security in DevOps environments.
• Protect critical data from ransomware, phishing, and malware attacks.

Incident Response & Forensics:

• Develop and maintain an Incident Response Plan (IRP) to handle cybersecurity events.
• Conduct forensic analysis to determine attack vectors and mitigate future threats.
• Work with security information and event management (SIEM) systems for proactive threat detection.

Security Awareness & Training:

• Educate employees on cybersecurity best practices to prevent social engineering attacks.
• Conduct simulated phishing campaigns and security awareness training.
• Stay up to date with emerging cyber threats, trends, and technologies.