Cyber Expert (Open also to Protected Categories, Law 68.99)

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization’s data, systems, and networks.
• Write Risk Management Framework (RMF)-based policies and procedures, and develop comprehensive cyber security processes to contain implementation.
• Troubleshooting security and network problems.
• Responding to all system and/or network security breaches.
• Ensuring that the organization’s data and infrastructure are protected by enabling the appropriate security controls.
• Participating in the change management process.
• Testing and identifying network and system vulnerabilities.
• Daily administrative tasks, reporting, and communication with the relevant departments in the organization.
• Evaluating the organization’s security needs and establish best practices and standards accordingly.
• Designing, implementing, maintaining, overseeing, and upgrading all security measures needed to protect organizations’ data, systems, and networks.
• Responding to all security breaches to the network and associated systems.
• Troubleshooting all network and security issues and incidents.
• Routinely conduct penetration testing and vulnerability assessment.
• Taking appropriate security measures to ensure that the organization’s infrastructure and existing data are kept safe.
• Conducting testing and scans to identify any vulnerabilities in the network and system.
• Taking an active role in the change management process.

• Act as a key advisor on cybersecurity matters, supporting both technical teams and business stakeholders in aligning security with organizational objectives.
• Lead the design, implementation, and continuous improvement of advanced cybersecurity architectures for IT, OT, Cloud, and hybrid environments.
• Coordinate and guide vulnerability assessments, penetration testing, and red team/blue team exercises to ensure proactive threat identification and mitigation.
• Monitor and analyze security incidents, leading root cause analysis and driving effective remediation and lessons-learned processes.
• Develop and enforce cybersecurity policies, standards, and procedures in alignment with international frameworks (NIST, ISO 27001, NIS2, IEC 62443).
• Collaborate with risk management, compliance, and legal teams to ensure adherence to regulatory requirements (GDPR, DORA, ACN guidelines).
• Provide technical mentoring and knowledge transfer to junior engineers and colleagues, fostering a culture of cybersecurity awareness.
• Lead the evaluation, selection, and integration of innovative cybersecurity tools (SIEM, SOAR, EDR, XDR, threat intelligence platforms).
• Support crisis management and incident response exercises, including collaboration with CSIRT/CSOC teams.
• Report regularly to senior management on cybersecurity posture, risks, and improvement opportunities.
• Contribute to the evolution of the company’s cybersecurity products and services portfolio by providing technical expertise, feedback from operations, and identification of emerging customer needs.
• Actively support pre-sales and solution design activities, collaborating with business development teams to adapt and tailor the company’s cybersecurity offerings to client requirements.