Job Description

Castlery is looking for a Lead Cybersecurity Specialist to join our IT Department.

As the Lead Cybersecurity Specialist, you will be responsible for overseeing and implementing the organization\'s cybersecurity strategy and ensuring the protection of our IT infrastructure, data, and assets. You will play a critical role in safeguarding our company from potential cyber threats and ensuring compliance with industry regulations.

Join our team and play a pivotal role in safeguarding our company\'s assets, data, and reputation from cyber threats. Help us maintain the highest standards of cybersecurity across our global operations and drive continuous improvement in our security practices.

What you\'ll be doing

• Develop and Implement Cybersecurity Strategy: Formulate and execute a comprehensive cybersecurity strategy that aligns with the company\'s objectives and risk appetite. Continuously evaluate and update the strategy to address emerging threats and challenges.
• Data Security and Privacy: Oversee the protection of customer data, financial information, and other sensitive data. Implement and enforce data security measures and privacy controls to prevent unauthorized access and data breaches.
• Cloud Security: Ensure the secure configuration and management of our cloud infrastructure (AWS) and applications hosted on cloud platforms. Implement best practices for cloud security, including access controls, encryption, and monitoring.
• Cybersecurity Awareness and Training: Conduct regular cybersecurity awareness training for all employees to educate them about potential threats and the importance of adhering to security best practices.
• Incident Response and Management: Develop and maintain an effective incident response plan to handle and mitigate cybersecurity incidents promptly. Lead incident response activities when security breaches occur and conduct post-incident reviews for continuous improvement.
• Network and Endpoint Security: Implement and maintain network security controls, firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS). Ensure endpoint security measures are in place to protect laptops and devices used by employees.
• Vendor and Third-Party Security: Review and assess the security practices of third-party vendors and SaaS providers to ensure their compliance with our security standards.
• Compliance and Regulatory Adherence: Stay up to date with cybersecurity regulations and industry standards. Ensure the company\'s cybersecurity practices comply with relevant laws and regulations.
• Security Audits and Vulnerability Assessments: Conduct periodic security audits and vulnerability assessments to identify potential weaknesses and gaps in the security infrastructure. Remediate identified vulnerabilities and track their resolution.
• Physical Security: Collaborate with facilities management to implement physical security measures at company premises, including showrooms, to prevent unauthorized access and protect physical assets.

What you\'ll need

• Bachelor\'s degree in Computer Science, Information Technology, or a related field.
• Proven experience as a Cybersecurity Specialist or similar role with at least 6 years of relevant work experience.
• Industry certifications such as CISSP, CISM, or CISA are highly desirable.
• Deep knowledge of cybersecurity principles, best practices, and frameworks.
• Experience with cloud security, network security, and endpoint security solutions.
• Familiarity with common cybersecurity tools and software.
• Strong analytical and problem-solving skills with the ability to respond to and manage cybersecurity incidents effectively.
• Excellent communication skills to educate and train employees on cybersecurity practices.
• A proactive and detail-oriented approach to security assessments and risk management.

What we promise

Our first promise - the ride of a lifetime

You\'ll be joining a company in its most exciting phase; we\'ve proven our product market fit, and with the growing online penetration of furniture, we\'re now focused on hypergrowth. You\'ll have a front-row seat in witnessing the growth of our customer-base and organisation at a global-level.

Our second promise - a place to thrive

We\'re building a company that has people as one of the company\'s core pillars for success. It\'s our mandate to help every employee perform to their highest potential so that they can do the very best work of their lives here, at Castlery.

We\'re committed to our employees\' growth, and continuously strive to ensure our employees are set up for success through their journey, starting with an excellent onboarding experience, and carrying over into emphasis on personal and professional development.

Castlery strives to maintain a psychologically safe, transparent, and flexible work environment to enable our people can perform at their best level and believes in partnering our employees to raise that level as they grow with us.

Castlery