ZAIN1611 - CyberSecurity Planning & Deployment Advance Specialist

  • Operation
    Zain Sudan
  • Division
    Technology
  • Location
    Sudan - NA
  • Closing Date
    23-Apr-2025
About Zain
Zain is the pioneer of mobile telecommunications in the Middle East. We began life in 1983 in Kuwait as the region’s first mobile operator, and since the initiation of our expansion strategy in 2003, we have expanded rapidly. Read more here: https://zain.com/en/about-us/overview
About the Role

Department/Section: Technology / Technology CT Planning and Deployment

Job Title: Cybersecurity Planning & Deployment Advance Specialist

Reports to: Infrastructure Planning & Deployment Manager

Job Purpose

As a Cybersecurity Architecture Advance Specialist, you will collaborate closely with Strategy, Operations, SOC, ERM, and Vendors to enhance Zain Sudan's security capabilities against advanced persistent threats (APT) and other cyberattacks using cybersecurity frameworks such as NIST CSF and MITRE ATT&CK.

Your primary responsibilities will include evaluating the organization's current cybersecurity capabilities, identifying gaps in the security posture, designing and deploying security solutions, ensuring alignment with industry standards, and minimizing the organization's attack surface exposure across the Identify, Protect, Detect, Respond, and Recover value chain.

Key Tasks / Accountability

Security Capability Assessment

Conduct comprehensive evaluations of the organization's current cybersecurity capabilities and maturity, identifying areas for improvement.

Benchmark the organization's security posture using industry standards such as NIST CSF, ISO 27001, and the MITRE ATT&CK framework to measure current capabilities.

Identify security gaps across people, processes, and technology, with a particular focus on adversarial tactics, techniques, and procedures (TTPs) as outlined by the MITRE ATT&CK framework.

Develop a roadmap to enhance security maturity and address identified gaps, ensuring alignment with industry best practices.

Solution Design in Alignment with NIST CSF and MITRE ATT&CK

Collaborate with vendors to design and deploy end-to-end security solutions across the CSF value chain, ensuring a robust and comprehensive security architecture:

Identify:

Design and implement threat modeling processes, incorporating TTPs from the MITRE ATT&CK framework to assess risk and vulnerabilities.

Maintain and update a dynamic risk register that reflects changing threat landscapes and security priorities.

Protect:

Design and deploy defense solutions across key areas, including:

Endpoint Protection: AV, XDR, UEBA.

Network Security: NGFW, UTMs, WAF, IPS, Secure DNS.

Access Control: IAM, NAC, MFA, PAM, ZTNA.

Email Security: Anti-phishing, Email Filters.

Threat Intelligence Platforms (TIP) and Threat Hunting Tools (anomaly, statistics, honeypots).

Network Segmentation to block common attack vectors and limit lateral movement.

Signaling Firewalls (e.g., Diameter and SIP) to secure telecom protocols and prevent SS7, Diameter, and IMSI catching attacks.

Detect:

Implement detection solutions, including SIEM, NTA, UEBA, and TIP, to detect adversary behaviors and techniques aligned with the MITRE ATT&CK framework.

Work with SOC and ERM to continuously refine and improve detection mechanisms, reducing false positives and ensuring timely incident identification.

Respond:

Collaborate with the SOC team to design and automate response playbooks and workflows, ensuring that incident response processes align with MITRE ATT&CK techniques.

Implement and integrate SOAR platforms to orchestrate incident response actions and improve response times.

Support proactive threat hunting and incident mitigation by continuously adapting the response strategies to new attack patterns.

Recover:

When needed, work with the SOC team to define and design recovery workflows, ensuring quick restoration of services after an incident.

Typical Performance Measures

Completion of Security Capability Assessments

Timely Design and Deployment of Security Solutions

Successful Integration of Solutions with Operational Processes

Effective Vendor Selection and Evaluation

Improvement in Zain Sudan’s Cybersecurity Capability Maturity

Dimensions

Report to: Infrastructure Planning & Deployment Manager

Level: Advance Specialist

Scope: Direct influence on Zain Sudan’s Cybersecurity Design, modernization and maturity

Collaboration: Work across multiple teams (Strategy, Operations, SOC, ERM, and Vendors) to align assessments, solution roadmaps and operations

Cyber Security Solution Deployments and Designs

What We Need From You

Personal Specifications

Qualifications/Experience

Bachelor’s degree in Engineering, Computer Science, or a related field.

At least 3 years of working experience in a SOC or cybersecurity-related environment.

Knowledge or experience in cybersecurity design and solution, particularly within the context of NIST CSF and MITRE ATT&CK.

Strong knowledge of security tools and technologies, including AV, XDR, NGFW, WAF, IPS, IAM, MFA, ZTNA, SIEM, SOAR, TIP, UEBA, Telecom Signaling Firewalls, and NTA.

Hands-on experience designing security solutions across the Identify, Protect, Detect, Respond, and Recover functions.

Good knowledge and/or experience working in a Security Operations Center (SOC) or similar environment.

Strong analytical skills, with the ability to identify gaps in security posture and design tailored solutions to address those gaps.

Excellent communication skills, capable of presenting complex technical issues to both technical and non-technical stakeholders.

Certifications such as CISSP, Security+, CISM, CISA, AWS Certified Security Specialty, or other relevant cybersecurity certifications are a plus.

Skills

Cybersecurity Framework Knowledge: mainly CSF and MITRE ATT&CK

Expertise in identifying and assessing adversarial tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework.

Technical Expertise in Security Solutions

Knowledge of security protocols, threat detection, and defense technologies.

Proficiency in designing and deploying security solutions across the Identify, Protect, Detect, Respond, and Recover functions.

Ability to conduct comprehensive risk assessments and gap analyses.

Collaboration and Stakeholder Management

Hands-on experience with SIEM and NTA tools to monitor and detect adversarial behaviours.

Knowledge of using Threat Intelligence Platforms (TIP) and UEBA for advanced threat detection.

Vendor Management: experience working with vendors to design and deploy end-to-end security solutions, and the ability to assess vendor products, negotiate, and ensure that security solutions meet the organization's needs.

Problem-solving skills

Passionate, self-motivated and proactive

Behaviours for Success

Accurately assess and benchmark the organization’s cybersecurity posture

Successful design and implementation of end-to-end security solutions across all phases of the CSF value chain

Effective implementation of proactive detection tools (e.g., SIEM, NTA, TIP) and automation of incident response processes (e.g., SOAR).

Limiting the organization’s attack surface

Working effectively with various stakeholders, including Strategy, Operations, SOC, ERM, and vendors.

Creating and executing a roadmap to enhance the organization's security maturity.

About Application Process

If you meet the criteria and are enthusiastic about the role, we would welcome your application. To complete the application, you will need the following document(s):

  1. Resume/CV
  2. Passport-size photograph
  3. Highest Education Qualification