Responsibilities
Health and Safety
- Uphold the company code of conduct, policies and procedures, ensuring integrity and accountability in every aspect of your work.
- All employees have a responsibility to adhere to safety, health, and wellbeing policies, guidelines and procedures in all actions and decisions.
Network & Cloud Security Strategy
- Define and execute a comprehensive network and cloud security strategy.
- Align strategy with enterprise Cyber Prevent roadmap and risk posture.
- Establish security architecture standards for on-premise, hybrid, and multi-cloud environments.
- Drive Zero Trust Architecture (ZTA) adoption across network and cloud ecosystems.
- Lead transformation toward software-defined and cloud-native security models.
Network Security Architecture & Protection
- Design and implement secure enterprise network architecture.
- Enforce controls for:
  - Perimeter security (Next-Gen Firewalls).
  - Intrusion Detection & Prevention Systems (IDS/IPS).
  - Secure network segmentation and micro-segmentation.
- Protect against DDoS, lateral movement, and advanced persistent threats (APTs).
- Establish secure connectivity frameworks (VPN, ZTNA, SD-WAN security).
- Ensure secure integration across enterprise environments, partners, and third parties.
Cloud Security (Multi-Cloud & Hybrid)
- Lead security strategy across AWS, Azure, GCP, and private cloud environments.
- Implement:
  - Cloud Security Posture Management (CSPM).
  - Cloud Workload Protection Platforms (CWPP).
  - Cloud Infrastructure Entitlement Management (CIEM).
- Ensure secure cloud configurations, identity models, and access controls.
- Protect workloads across IaaS, PaaS, and SaaS environments.
- Drive compliance with cloud security frameworks (CIS, NIST, ISO, CSA).
Secure Cloud Architecture & DevSecOps Integration
- Embed security into cloud-native architectures and application deployment pipelines.
- Integrate security into CI/CD pipelines and DevSecOps practices.
- Enable automated security testing.
- Infrastructure as Code (IaC) scanning.
- Container image security scanning.
- Ensure secure Kubernetes and container environments.
- Promote shift-left security approach.
Zero Trust & Identity-Aware Networking
- Implement Zero Trust Network Access (ZTNA) frameworks.
- Enforce identity-based access control and authentication mechanisms.
- Ensure least privilege access across network and cloud environments.
- Integrate security with IAM and PAM systems.
- Enable continuous verification of users, devices, and workloads.
Automation & AI-Driven Security Controls
- Implement AI/ML-driven threat detection and prevention mechanisms.
- Drive automation in:
  - Threat detection and response.
  - Policy enforcement.
  - Configuration management.
- Reduce manual overhead through security orchestration and automation (SOAR).
- Enable real-time adaptive security controls.
Threat Prevention & Network Monitoring
- Establish continuous monitoring for:
  - Network traffic anomalies.
  - Suspicious behavior patterns.
  - Cloud activity logs.
- Integrate with SIEM/XDR platforms for centralized visibility.
- Improve detection of east-west and north-south traffic threats.
- Enable proactive threat intelligence integration.
Vulnerability Management Integration
- Collaborate with vulnerability management teams for:
  - Network infrastructure vulnerabilities.
  - Cloud misconfigurations.
- Ensure timely remediation of critical security gaps.
- Reduce attack surface across network and cloud assets.
- Maintain continuous risk visibility.
Third-Party & Connectivity Security
- Secure third-party network connections and integrations.
- Define and enforce vendor access security policies.
- Ensure risk visibility across external connections and partner ecosystems.
DDoS Protection
- Configure, optimize and maintain Anti-DDoS systems to protect against all types of DDoS attacks.
Operational Excellence & Service Resilience
- Ensure always-on availability of network and cloud security controls.
- Optimize performance of security tools and platforms.
- Drive standardization, automation, and process maturity.
- Establish resilient and scalable security architecture.
- Continuously improve based on threat intelligence and incident learnings.
Compliance, Risk & Governance
- Ensure adherence to:
  - Regulatory standards (GDPR, PCI-DSS, etc.).
  - Internal security policies.
- Support risk assessments, audits, and regulatory reporting.
- Maintain compliance dashboards and metrics.
- Ensure alignment with enterprise risk management framework.
Core competencies, knowledge and experience:
Business Competencies
- Strong ability to align security with business transformation and cloud adoption.
- Stakeholder collaboration across IT, DevOps, and business teams.
- Risk-based decision-making with business impact awareness.
Functional Competencies
- Deep expertise in:
  - Network security architecture.
  - Cloud security frameworks and platforms.
  - Hybrid infrastructure security models.
- Strong understanding of emerging threats in cloud and network domains.
Technical Skills
- Zero Trust Architecture implementation.
- Networking technologies (i.e. firewalls, IPS, WAF, NAC).
- Container and Kubernetes security.
- Cloud technologies (i.e. AWS, Azure, GCP).
Hands-on Experience:
Perimeter & Border Controls
- Next Generation Firewalls (NGFW).
- Web Application Firewalls (WAF).
- Bot Management & Account Takeover Protection (ATO).
- Intrusion Prevention Systems (IPS).
- DDoS Mitigation (Anti-DDoS).
- Network Detection and Response (NDR).
- Web & Email Security Gateways (WSG/ESG).
- API Security Gateways.
Secure Access & Connectivity
- Virtual Private Networks (VPN).
- Network Access Control (NAC).
- Zero Trust Network Access (ZTNA).
- Secure Access Service Edge (SASE).
Cloud & Container Security
- Cloud Firewalls / Security Groups.
- Cloud Access Security Brokers (CASB).
- Cloud Security Posture Management (CSPM).
- Cloud-Native Application Protection Platforms (CNAPP).
- Cloud Workload Protection Platforms (CWPP).
- Container and Kubernetes Security.
Leadership Competencies
- Strong leadership in driving cross-functional initiatives.
- Ability to influence enterprise architecture decisions.
- Innovation mindset with focus on AI and automation adoption.
- Strong execution, delivery, and transformation leadership.
Qualifications
- Bachelor’s degree in Cyber Security, IT, Engineering, or related field
- 5-10+ years of experience in network and/or cloud security
- Proven experience in enterprise-scale cloud security and network protection
Certifications preferred:
- CISSP, CCSP, CISM
- AWS/Azure/GCP Security Certifications
- Cisco / Network Security certifications