Cyber Security Strategist

The Cyber Security Strategist will play a strategic role in designing, implementing, and maintaining the security architecture for our enterprise and cloud environments. This role ensures that security solutions align with the organisation's broader technology strategy and business goals. The Cyber Security Strategist collaborates closely with platform, product, development, and enterprise IT teams to integrate security into the development and deployment processes, contributing significantly to the company's overall security posture.,

• Develop and implement security solutions that align with the organization's broader technology strategy and business goals.


• Create and enhance security architectures, ensuring integration and alignment within the enterprise's technical and business areas, following frameworks or standards like NIST-SSDF, 800-53, CSF, or ISO27001.


• Work closely with compliance functions, perform threat models and risk assessments, ensure regulatory compliance (e.g., PCI/DSS, SOX, GDPR), and draft/update standards to address security gaps.


• Manage stakeholder relationships, advise leadership on security risks and solutions, and influence decision-making to align with security best practices and business objectives.


• Work closely with platform, product, development, and enterprise IT teams to integrate security into all phases of the system development lifecycle.


• Implement and oversee security solutions to protect critical infrastructure and sensitive data.


• Conduct risk assessments and develop strategies to mitigate identified risks.


• Maintain detailed documentation of security architectures, policies, and procedures.


• Perform regular security assessments and audits to ensure the effectiveness of security controls.


• Provide detailed reports to the CISO highlighting findings from security assessments, identified risks, remediation steps, and recommendations for improvement.


• Collaborate with enterprise IT teams to ensure seamless integration of security solutions within the existing IT infrastructure and processes.
  
  Deep understanding of security frameworks, enterprise and cloud security architectures, and risk management.


• Ability to analyse complex security issues and develop innovative solutions to mitigate risks.


• Excellent communication and interpersonal skills to collaborate effectively with various stakeholders, including enterprise IT teams.


• Proven experience in leading security projects and managing cross-functional teams.


Preferred skills:


• Proficiency in security technologies and tools, such as firewalls, intrusion detection systems, encryption solutions, and vulnerability management tools.


• Relevant certifications such as CISSP, CISM, or CCSP.


• Experience with cloud security platforms (AWS, Azure, GCP).


• Familiarity with secure coding practices and DevSecOps.


• Experience with enterprise IT systems and integration of security solutions within large-scale IT environments.