# Cybersecurity Manager **Company:** [Eva Pharma](http://jobs.workable.com/companies/cVu9CoRuY1pLdxtN9NyNNA.md) **Location:** Giza, Egypt **Workplace:** hybrid **Employment type:** Full-time **Department:** Digital Transformation [Apply for this job](http://jobs.workable.com/view/8d8eadd8-24ad-4909-8398-5394b9a6bac2) ## Description Join EVA Pharma, a leading pharmaceutical company dedicated to empowering the fight for Health and well-being as a fundamental human right. Recognized and certified as a best place to work, we are committed to fostering a supportive and innovative environment for our team members.  **Job Summary**  As a **Cybersecurity Manager**, you will have total ownership of our security posture, strategy, and execution. This position demands a rare blend of strategic leadership and deep technical execution; you won't just oversee policy; you will actively build and refine our defences. The ideal candidate has a proven track record of running a SOC, navigating complex regulatory audits, and managing budgets, combined with the agility to scale these functions in a fast-paced environment. **Key Responsibilities:** - **Security leadership & strategy:** owning the roadmap, the team, and the budget, and translating risk into decisions the business understands. - **Detection & response:** leading SOC operations and the full incident response lifecycle, hands-on with modern detection and response, threat intelligence, and security orchestration. - **Offensive security:** directing vulnerability management, penetration testing, and proactive testing of our own defences. - **Secure architecture:** designing and enforcing controls across identity, access, endpoints, and network, in both on-premises and multi-cloud environments. - **Application security:** embedding secure design, threat modelling, and security into the development lifecycle. - **Governance, risk & compliance:** building and maintaining our GRC program against recognized standards (ISO 27001, GDPR, and local data protection law) and owning internal and external audits. - **Resilience:** building and testing our business continuity and disaster recovery capability. ## Requirements - Bachelor's degree in computer science or a related field (master's a plus) - **8+ years in information/cyber security, with 3+ years leading a team** and real ownership of people and budget, not just projects. - **Deep, hands-on technical depth** — you've personally led SOC operations and worked directly with detection and response, SIEM/SOAR, threat intelligence, and incident response. You've run vulnerability management, penetration tests, and other offensive techniques yourself. - **Strong GRC experience** — you've actually implemented standards like ISO 27001 and GDPR (not just read about them) and built BCP/DR programs from the ground up. - **Secure architecture experience** — across on-premise and cloud (Azure, GCP, AWS, OCI), covering IAM, MFA, patch management, least privilege, device management, and physical security. - **Secure application experience** — threat modelling and DevSecOps. - **Relevant certifications** — CISSP, CISM, and/or ISO 27001 Lead Implementer/Auditor. - **Financial and budgeting experience**, strong stakeholder management, and the ability to lead security awareness across the organization