Cyber Security Specialist

Job Purpose:

As a Cybersecurity Specialist, the job holder will be responsible for protecting ZOSCO's computer systems and networks from various cyber threats. The job holder will analyze vulnerabilities, implement security measures, and respond to incidents while working closely with other IT professionals to safeguard sensitive data and ensure regulatory compliance.

Roles & Responsibilities:

• Administer and review cybersecurity policies, procedures, and standards annually.
• Support the implementation and periodic review of cybersecurity risk management methodology and procedures.
• Ensure the implementation of cybersecurity policies, procedures, and standards and cybersecurity risk management process.
• Conduct risk assessments and monitor the status of risks and actions taken in coordination with stakeholders.
• Define risk-related responsibilities in coordination with stakeholders.
• Prepare risk assessment reports and approve them by the Cybersecurity Manager.
• Implement and annually review the cybersecurity compliance program.
• Support the development of a cybersecurity awareness and training program.
• Implement a cybersecurity awareness and training program with the Corporate Human Resources Department and measure employee compliance with cybersecurity awareness.
• Prepare and approve cybersecurity compliance reports by the Cybersecurity Manager.
• Conduct monitoring and reporting activities related to cybersecurity compliance.
• Provide and monitor a Security information and event management (SIEM) system.
• Handle cybersecurity incidents, follow up on their closure, and escalate existing incidents that exceed the established Service Level Agreement.
• Continuously assess vulnerabilities and monitor the implementation of security patches and configurations.
• Conduct periodic penetration tests on all externally provided services and their technical components to assess the level of cybersecurity.

Qualifications:

• Over 5 Years of experience as a Cybersecurity Specialist or in a similar role.
• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field.
• Strong understanding of security protocols, risk management, and vulnerability assessment tools.
• In-depth knowledge of Governance, Risk, and Compliance (GRC) frameworks and processes.
• Familiarity with firewalls, intrusion detection systems, and other security technologies.
• Knowledge of regulatory requirements of NCA and Haseen.
• Registered with NCA/Haseen.
• Knowledge of regulatory requirements and standards such as ISO 27001.
• Excellent analytical and problem-solving skills, with attention to detail.
• Strong communication skills, both written and verbal.
• Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus.