The Manager: Cyber Defence is responsible for overseeing the Cyber Defence operations. The role engages with key business and operational partners in managing the detection, response, and remediation of cyber-related attacks on Bayobab's network and its systems while contributing to and delivering services and projects that support the strategy, priorities and objectives of the organisation. The incumbent will be responsible for continuously performing specialised threat hunting and taking the lead during incident investigation to drive speedy resolution and minimise potential data leakage and financial loss to Bayobab.
Key Performance Areas: Core, essential responsibilities / outputs of the position (KPAs)
Strategy Development and Implementation
Provide reports and analysis to support and contribute to the development of the functional strategy in line with the overarching business goals
Ensure accurate and timely reporting to enable the regular review of the functional strategy, roadmap and performance to ensure its alignment with the changing dynamics of the internal and external ecosystem
Manage Security Operations, third party services and Bayobab Group cyber defence services, ensure SLAs are met and monthly performance meetings are taking place
Research and keep abreast of cyber-attacks and threats in order to continuously protect Bayobab against new types of attacks.
Ensure incident identification, assessment, quantification, reporting, communication, and mitigation while confirming SLA compliance, process adherence, and process improvisation to achieve operational objectives
Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring, maintaining working knowledge of cyber threat actor tactics and techniques
Integrate standard and non-standard logs and review/revise the processes to strengthen cyber security operations
Lead efforts and participate in audits covering cyber defence
Assess and develop cyber resilience roadmaps to improve Bayobab's security posture by identifying security gaps to manage existing and emerging security risks
Implement cyber threat and vulnerability management strategies and operational requirements (Cyber Defence)
Assist to drive strategic alignment of the Group cyber incident response operations
Develop a standardised set of responses to cyber security breaches with responses varying according to the level of cybersecurity breaches
Perform specialist level response to security incidents and lead Technology teams during a cyber-incident
Revise and develop processes to strengthen the current Security Operations Framework (where required), review policies and highlight the challenges in managing SLAs
Provide vulnerability analysis specific input to Bayobab's information security strategy
Develop, integrate and monitor detailed Bayobab business plans for vulnerability analysis in accordance with the frameworks, goals and targets agreed
Organise and execute periodic vulnerability assessments and Pen Tests by applying knowledge of scanning tools and emerging risks
Work with Group Cyber Defence to coordinate scans with all relevant Bayobab verticals, including the distribution of notices or notifications, and the management of logistical requirements
Lead process optimisation, enhancement, efficiency and continuous improvement on initiatives and programmes within threat and vulnerability management, as well as benchmark and analyse trends to optimise internal processes
Track and prioritize the remediation of vulnerabilities, according to their level of criticality and their potential risk to the business of the affected asset.
Report on the status of the resolution of vulnerabilities on a periodic basis
Analyse and identify vulnerability analysis trends across the organisation and compile consolidated reports on the status of vulnerability analysis for regular updates to management
Consolidate reports, dashboards, metrics and internal operations and present to Management
Transfer knowledge of methodologies, processes and tools to relevant stakeholders (as and when required)
Become the "go-to" specialist on all cyber resilience matters
Strategic Meetings
Set up / participate in ad-hoc operational meetings
Participate and provide input in strategic meetings
Perform evaluation baseline of key performance indicators (KPIs)
Request for relevant budget for internal projects and new initiatives
Facilitate preparation of proposals on change initiatives, policies, and procedures
Escalations
Manage and resolve escalations that have impact on critical path of service delivery
Escalate issues that will result in severe time, scope, productivity, and cost or resource or reputational impact
Manage and provide solutions to escalations that have multiple processes / functions impact on critical path of service delivery
Manage and provide solutions through stakeholder consultation where relevant
Function Tactical
Review all projects initiated (internal or global)
Input on objectives, targets, and budgets for sub-function as applicable
Action key risks, issues and dependencies and set mitigation actions
Facilitate in sign-off / making decisions regarding tactical changes
Reporting
Report on a periodic basis on progress made within the function and in accordance with the measurement metrics set by the organisation
Report on an ad hoc basis on specific projects, as required
Job Requirements:
Education:
4-year Information Technology/ Information Systems/ Business Science (or related) Degree
CISM/ CISSP/ CEH/ GCIH/ CompTIA Security+/CompTIA PenTest+ certification
Other information security certifications or qualifications advantageous
Experience:
3 - 5 years of relevant work experience (similar to the role)
Experience working in a medium to large organization
Worked across diverse cultures and geographies; Pan Africa multi-cultural experience is advantageous
Competencies:
Experience in large-scale information security projects / vendor relationships
In-depth knowledge and experience of security concepts such as cyber-attacks and techniques, threat vectors, threat hunting, threat intelligence (tools and sources), EDR, UEBA, CASBs, PAM, SDP, incident and vulnerability management as well as TTPs (tactics, techniques and procedures).
Experience in security device management and SIEM
Experience in threat management and continuous assessment
Knowledge of various operating systems including but not limited to Windows, Linux, Unix
Familiarity and knowledge of security frameworks (NIST CSF, CIS, ISO)
Proficient in report writing, dashboards and documentation
Understanding of current information security challenges and solutions; industry trends
Skills
Strong analytics/data interpretation and presentation skills
Detail-oriented problem solver.
Dealing with ambiguity and complexity.
Decision Making.
Project Management.
People Management.
Excellent written, oral and presentation skills.
Strategic thinking
Conflict management
Ability to cope with stress
Ability to exercise patience
Ability to deal with change in fast-paced environment