Sr. Cybersecurity Expert

Salary Range: PKR 400,000 – 600,000 per month (depending on experience)

Position Summary:

We are seeking a highly experienced Cybersecurity Expert with 8+ years of hands-on experience in the cybersecurity domain. The ideal candidate will have extensive experience in securing IT infrastructure, detecting and responding to security threats, and implementing security best practices across various systems, networks, and applications. This senior-level position will require you to lead the organization's efforts to mitigate security risks, oversee security operations, and ensure compliance with industry standards and regulations.

As a Senior Cybersecurity Expert, you will work closely with cross-functional teams to design and enforce security strategies, monitor security infrastructure, conduct audits, and manage the organization's cybersecurity posture. Your expertise will be critical in protecting the company from emerging cybersecurity threats and vulnerabilities.

Key Responsibilities:

1. Cybersecurity Strategy & Risk Management:
   Develop, implement, and maintain comprehensive cybersecurity strategies to protect the organization's infrastructure, applications, data, and sensitive information.
   Conduct risk assessments to identify vulnerabilities in the IT infrastructure, applications, and network systems.
   Develop risk mitigation plans and ensure effective implementation across all departments and technology platforms.
   Advise on security policies and procedures to ensure compliance with internal and external security standards and regulations.
2. Incident Detection & Response:
   Lead the incident detection and response efforts by analyzing security incidents, investigating threats, and coordinating the response to security breaches.
   Manage security operations teams in the identification, analysis, and containment of security incidents (e.g., malware attacks, data breaches, DDoS).
   Implement and maintain SIEM (Security Information and Event Management) solutions to monitor real-time threats and attacks.
   Conduct post-incident reviews, ensuring lessons learned are incorporated into future strategies.
3. Network & Infrastructure Security:
   Oversee the implementation of network security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), and VPNs.
   Ensure the security of cloud-based infrastructure and services (e.g., AWS, Azure, Google Cloud) through configuration management, encryption, and access control.
   Develop and implement secure network architectures to minimize exposure to cyber threats.
4. Application Security & Vulnerability Management:
   Lead efforts to secure the software development lifecycle (SDLC), ensuring the secure design, development, and deployment of applications.
   Oversee code reviews, conduct security testing (e.g., penetration testing, vulnerability assessments), and recommend improvements.
   Ensure continuous vulnerability scanning and patch management to reduce exposure to threats.
   Coordinate with development teams to integrate security into DevOps (DevSecOps) processes.
5. Compliance & Regulatory Standards:
   Ensure adherence to relevant cybersecurity regulations and standards (e.g., ISO 27001, GDPR, PCI-DSS, NIST, HIPAA).
   Conduct regular security audits and assessments to ensure compliance with internal and external policies.
   Prepare and manage security documentation for compliance purposes, audits, and reports to senior management.
6. Security Awareness & Training:
   Lead security awareness training programs for employees across departments to improve the organization's overall cybersecurity posture.
   Advise and train staff on security best practices, threat intelligence, and how to recognize phishing attacks and social engineering tactics.
7. Leadership & Team Management:
   Lead and mentor a team of cybersecurity professionals, guiding them in their day-to-day responsibilities, career development, and security operations.
   Collaborate with senior management and IT teams to develop security strategies, roadmaps, and ensure alignment with business goals.
   Oversee the performance of cybersecurity tools, policies, and controls, ensuring optimal effectiveness.
8. Threat Intelligence & Research:
   Stay up to date with emerging cybersecurity threats, trends, and technologies by researching the latest vulnerabilities, exploits, and attack techniques.
   Use threat intelligence feeds and external resources to continuously improve security defenses and response times.
   Lead efforts to build and maintain an effective threat intelligence program for proactive security.

Job Specification:

Required Qualifications:

Experience: At least 8 years of hands-on experience in cybersecurity, with a focus on network security, incident response, risk management, and vulnerability management.

Education: Degree in Computer Science, Information Security, Network Engineering, or a related field. Relevant cybersecurity certifications (e.g., CISSP, CISM, CEH, CISA) are highly preferred.

Technical Skills:

Proficient in network security protocols (e.g., IPsec, SSL/TLS, DNSSEC), and technologies like firewalls, IDS/IPS, VPNs, and proxy servers.
Expertise in SIEM platforms (e.g., Splunk, ArcSight, QRadar).
Deep knowledge of cloud security principles and technologies, including AWS, Azure, GCP, and cloud-native security tools.
Hands-on experience with penetration testing tools (e.g., Metasploit, Burp Suite, Nmap) and vulnerability scanning tools (e.g., Nessus, Qualys).
Strong experience in cryptography, including encryption algorithms, key management, and data protection techniques.
Expertise in security architecture design and implementing zero-trust models.
Proficient in endpoint security tools, data loss prevention (DLP) systems, and antivirus software.

Soft Skills:

Strong problem-solving and analytical skills to assess, detect, and mitigate security issues.
Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
Leadership abilities to manage and guide teams effectively.
Strong interpersonal skills for collaborating with internal teams, external vendors, and regulatory bodies.

Desired Skills & Attributes:

Proactive: Ability to identify potential security weaknesses before they become critical issues.
Adaptability: Comfortable working in fast-paced environments and adapting to new cybersecurity threats as they arise.
Innovative: Continuously exploring new technologies, tools, and approaches to enhance security.
Detail-Oriented: A keen eye for detail and the ability to ensure the thorough implementation of security measures across the organization.

Benefits:

Competitive salary based on experience.
Health insurance and other company benefits.
Opportunities for professional development, including certifications and attending security conferences.
Dynamic, collaborative, and forward-thinking work environment.
Flexible working hours and the possibility of working remotely.

Job Rewards and Benefits: Provident Fund