- Leadership & Security Strategy
- Lead and mentor the IT Security team, fostering an environment of growth and continuous learning.
- Develop and execute the organization’s information security strategy, aligning it with business objectives and evolving security threats.
- Conduct regular risk assessments, identifying vulnerabilities in Microsoft 365, on-premise AD, and the network infrastructure protected by Sophos Firewalls.
- Collaborate with stakeholders to integrate security best practices across all IT initiatives.
- Policy Development & Compliance
- Establish, update, and enforce IT security policies tailored to the organization’s hybrid infrastructure.
- Ensure compliance with international and local security standards, such as GDPR, ISO 27001, and regulatory frameworks.
- Conduct audits and assessments to evaluate adherence to security policies across Microsoft 365, AD, and the network.
- Operational Security Management
- Oversee the day-to-day security operations, managing firewalls (Sophos), monitoring systems, and intrusion detection solutions.
- Monitor and maintain robust security within Microsoft 365 services (email, identity management, and data protection) and on-premise Active Directory.
- Respond swiftly to security incidents, leading the investigation and mitigation of breaches, and continuously improving response protocols.
- Team Leadership & Development
- Guide and support the development of team members, ensuring they are equipped with up-to-date knowledge on emerging threats and security technologies.
- Drive team performance, managing workflows and delegating responsibilities to meet organizational security goals.
- Incident Response & Risk Mitigation
- Lead the design and implementation of incident response plans, ensuring the organization is equipped to respond quickly to breaches in both cloud and on-prem environments.
- Manage disaster recovery plans and business continuity measures, focusing on data integrity and network resilience.
- Continuously review and improve security posture, leveraging vulnerability management tools and penetration testing.
- Collaboration with IT & Project Teams
- Work closely with the broader IT department to secure infrastructure, systems, and applications, ensuring new technologies are securely integrated.
- Provide strategic guidance on projects involving Microsoft 365, AD, and third-party integrations to ensure security from the ground up.
- Drive security awareness initiatives across the organization, educating users on security best practices and emerging threats.
- Reporting & Continuous Improvement
- Prepare and deliver detailed reports on the organization’s security posture, highlighting vulnerabilities, incidents, and recommended improvements.
- Stay informed on the latest security threats and trends, continually adapting the organization’s security policies and procedures.
|