Orascom Development Egypt · Cairo, Egypt · Posted 2026-04-30
Job Summary:

The Cybersecurity Manager leads the organization’s cybersecurity operations with a strong hands-on approach, focusing on real-time threat detection, incident response, and risk mitigation. The role is responsible for monitoring security events, conducting log analysis, managing incident triage, containment, investigation, and remediation, while leveraging deep expertise in network protocols, security technologies, and attacker methodologies. Additionally, the role contributes to strengthening the organization’s cyber defense posture by analyzing system behaviors, identifying vulnerabilities, and continuously enhancing security controls and processes.

Responsibilities:

Operational Security & Incident Response Management
- Lead hands-on incident investigations, root-cause analysis, and real-time incident containment.
- Perform real-time containment of threats, malware analysis, and attack path reconstruction.
- Drive alert triage from SIEM, EDR, firewalls, mail gateways, DNS security, and cloud platforms.
- Develop and tune detection rules to improve signal-to-noise across security tools.

Threat & Vulnerability Management
- Conduct vulnerability scans, confirm exploitability, and prioritize remediation.
- Perform threat hunting and anomaly investigations across on-prem and cloud workloads.
- Analyze unusual traffic patterns, authentication anomalies, cloud events, and endpoint behavior.
- Track latest TTPs (MITRE ATT&CK) and implement preventive controls.

Infrastructure Security
- Deep understanding of TCP/IP, TLS, SMTP, DNS, VPN, and enterprise network flows.
- Oversee hardening of servers, endpoints, applications, and cloud environments.
- Ensure secure configurations for AD, M365, Azure/AWS, conditional access, MFA, privilege boundaries, network devices, and perimeter firewalls.

Security Tools Management
- Operate and optimize EDR, SIEM, email security, DLP, WAF, IDS/IPS, and PAM solutions.
- Evaluate new tooling and design detection strategies against emerging threats.

Governance
- Understanding of frameworks (ISO 27001, NIST, CIS).
- Maintain core technical playbooks (IR runbooks, DR steps, containment guides).
- Maintain essential policies and procedures (incident response plan, DR playbooks, acceptable use).
- Ensure compliance with PDPL, GDPR, NIST CSF.

Collaboration & Leadership
- Work with IT Infrastructure, Applications, Cloud, and Business Units to resolve cyber risks.
- Provide technical guidance to junior cybersecurity engineers.

Knowledge, Skills & Experience:

- Bachelor’s degree in Computer Science, Information Security, or a related field.
- 8-10 years of hands-on cybersecurity experience (incident response, SOC, threat analysis).
- Strong hands-on experience in detection, response, risk, and governance.
- Ability to design and run cybersecurity programs.
- Experience managing or mentoring small teams.
- Proven ability to independently lead technical investigations.
- Relevant certifications such as CISSP, CISM, CRISC, CySA+, CCNA Cybersecurity, GIAC (GCIA / GCED / GCIH).