Manager - Cybersecurity

The Cybersecurity Manager will lead the organisation's security posture, deliver the execution of key security initiatives in the GDC air gapped and hybrid environments, and support Gamuda Dnex Cloud's market presence within the specialised air gapped sovereign cloud sector. This role demands a unique blend of technical cybersecurity expertise, robust  management skills, and a strong operations acumen to navigate the complexities of this highly regulated  and security-sensitive market.

1. Cybersecurity Operations Management & Support 

• Manage 24/7 security monitoring through SIEM, EDR, IDS/IPS.
• Lead incident response processes including triage, containment, recovery, and reporting.
• Conduct threat hunting and integrate controlled threat intelligence sources.
• Maintain post-incident analysis and manage security documentation.

2. Vulnerability Management 

• Perform vulnerability assessments and categorization using tools like Tenable/Nessus. 
• Manage secure patch acquisition and deployment with validation and rollback procedures.
• Enforce secure system configurations and monitor unauthorized changes. 

3. Identity & Access Management (IAM) 

• Monitor access logs for anomalies and enforce least privilege principles.
• Manage privileged access (PAM), and oversee authentication token issuance and revocation.
• Conduct periodic audits of access rights and activities.

4. Data Security 

• Manage encryption key lifecycle and monitor Hardware Security Modules (HSM).
• Implement data loss prevention (DLP) strategies within air-gapped constraints.

5. Compliance & Auditing 

• Maintain and secure audit logs for user, admin, and system activity.
• Monitor and report on compliance with frameworks like NIST, FedRAMP, and FIPS.
• Support external audits, regulatory reviews, and compliance reporting. 

6. Security Engineering & Optimisation 

• Manage and optimize security tools (SIEM, EDR, SOAR).
• Implement automation to improve threat detection and incident response.
• Maintain playbooks and regularly update security documentation.
• Drive continuous improvement of cybersecurity processes and tooling 

7. Leadership & Governance 

• Lead a team of cybersecurity professionals with focus on sovereign cloud and air-gapped operations.
• Provide technical training, mentorship, and ensure knowledge transfer within the team.
• Manage relationships with regulators, auditors, and government clients.
• Promote a culture of compliance, security awareness, and operational excellence. 

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and  SIEM/SOAR development within highly regulated or security-sensitive industries.
• Deep understanding of air-gapped environments, sovereign cloud solutions, and national security regulations.
• Proven experience in managing complex security programs and projects within restricted or isolated environments. Experience in Chronicle would be an advantage for this role.
• Strong support experience in developing and executing cybersecurity and Modern SecOps strategies for complex  technical solutions.
• Project management skills, including knowledge of project management methodologies (e.g.,  PMP, Agile/Scrum).
• Strong leadership, communication, and interpersonal skills.
• Ability to work effectively in a fast-paced and dynamic environment.
• Relevant cybersecurity certifications (e.g., CISSP, CISM, Palo Alto Certified/Admin/Architect, Splunk Enterprise Architect/Admin/Power User, Modern SecOps,CEH).

Preferred Qualifications:

• Experience working with government agencies or critical infrastructure providers. 
• Experience with cloud security and compliance frameworks specific to sovereign cloud environments.
• Strong network of contacts within the government and defense sectors.
• Experience with security automation and orchestration in air-gapped environments. Key

• Air-gapped security architecture and implementation
• Sovereign cloud compliance and governance
• Programme and project management in restricted environments
• Business development and sales in the government sector
• Incident response and security operations in isolated environments
• Risk management and compliance
• Team leadership and development
• Communication and stakeholder management

• 6-8+ years of experience in cybersecurity, with a focus on SecOps management, security architecture, and  SIEM/SOAR development within highly regulated or security-sensitive industries.