The Cybersecurity Analyst acts as a senior technical lead and operational supervisor for the university’s security function. This role combines hands-on technical analysis with management responsibilities, ensuring that security monitoring, incident response, and compliance activities are executed effectively.

Key Responsibilities

• Lead and Oversee Security Monitoring: Supervise the continuous monitoring of security alerts, logs, and events from security tools to ensure timely identification, triaging, and remediation of potential threats and vulnerabilities.
• Advanced Risk Assessment & Management: Perform and oversee the continuous identification of security-related risks and control gaps, ensuring emerging threats affecting university systems and data are documented in the risk register.
• Incident Response Leadership: Lead security incident response activities, including technical investigation, forensic evidence collection, and root cause analysis, while managing communication and escalation to the CIO.
• Strategic Vulnerability Management: Direct regular vulnerability assessments and security audits, prioritizing remediation actions based on business impact and tracking them to successful closure.
• Governance & Compliance Oversight: Perform and manage continuous security audits to ensure institution-wide adherence to internal policies and external regulatory requirements (e.g., NIST, ISO 27001).
• Policy Development & Optimization: Review, develop, and improve security policies, standards, and SOPs to ensure they align with evolving cybersecurity best practices and institutional goals.
• IAM Strategy & Oversight: Manage identity and access management (IAM) activities, overseeing user access reviews, privileged access management, and the implementation of multi-factor authentication.
• Cross-Functional Collaboration: Lead collaboration with network, infrastructure, and IT operations teams on security-centric projects, system hardening, and secure configuration baselines.
• Security Architecture & Project Review: Provide senior-level security input for IT projects, reviewing system designs and assessing risks to ensure security requirements are integrated from the inception phase.
• Process Improvement & Automation: Analyze existing IT security processes, drive process improvement initiatives, and implement automated workflows to enhance the efficiency of security operations.
• Framework Alignment: Ensure the university’s cybersecurity framework remains compliant with applicable standards and national guidelines, adapting strategies to meet new regulatory changes.
• Cybersecurity Awareness Leadership: Lead the development and delivery of cybersecurity awareness initiatives for staff and students, contributing high-level training materials and best-practice campaigns.
• Governance Documentation: Maintain and verify the accuracy of security documentation, audit records, and risk reports to support governance, risk management, and compliance (GRC) activities.

Required Qualifications

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. A Master’s degree or relevant postgraduate qualification is highly preferred.
• Minimum of 5–7 years of experience in cybersecurity operations, with at least 2 years in a senior analyst or supervisory role.
• Professional security certifications such as CISSP, CISM, CISA, GCIH, or equivalent are highly advantageous.
• Advanced understanding of cybersecurity concepts, including advanced persistent threats (APT), zero-day vulnerabilities, malware analysis, and defensive security controls.
• In-depth technical knowledge of Windows and Linux operating systems, including system hardening and kernel-level security configurations.
• Comprehensive understanding of networking concepts such as TCP/IP, DNS, BGP, next-generation firewalls (NGFW), and zero-trust network architecture.
• Proven ability to lead structured security processes, manage incident response lifecycles, and drive continuous improvement initiatives across a department.
• Strong experience in regulatory compliance, with the ability to map technical controls to frameworks such as ISO 27001, NIST CSF, or CIS Critical Security Controls.

Preferred Skills & Knowledge

• Experience with security tools such as vulnerability scanners, SIEM platforms, endpoint security, or log analysis tools.
• Knowledge of security frameworks and standards such as NIST, ISO 27001, CIS Controls, or similar.
• Basic scripting or automation skills (e.g. Python, Bash, PowerShell) to support security operations.
• Experience supporting or participating in security audits, compliance assessments, or risk management activities.
• Strong documentation, reporting, and analytical skills.

Personal Attributes

• Strong interest in cybersecurity and commitment to continuous professional development.
• Analytical mindset with strong problem-solving and investigative skills.
• High attention to detail and ability to work methodically and accurately.
• Good communication skills and ability to collaborate effectively with technical and non-technical stakeholders.
• Strong ethical standards with respect for data privacy, confidentiality, and responsible security practices.’