Job Description
Vacancy @ Sri Lanka CERT
Chief Executive Officer
Founded in 2006, the Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT) is Sri Lanka's National CERT and serves under the supervision of the Ministry of Digital Economy.
The CEO will manage, provide direction and thought leadership, liaise with national and international organisations, and carry out all required functions to ensure Sri Lanka CERT is the primary national entity for the prevention, detection, and resolution of Cyber Security threats.
Key responsibilities and accountabilities:
- Responsible for the implementation of the strategic directions as set down by the Board.
- Provide strategic leadership to the CERT team, setting the overall direction, vision, and goals for the organization's cyber-security efforts.
- Oversees the day-to-day operations of the CERT, including managing resources, budgeting, and ensuring efficient allocation of personnel and technology to respond to incidents effectively.
- Responsible for developing and implementing incident response plans and procedures to effectively detect, analyze, and respond to cyber-security incidents such as data breaches, malware infections, and cyber-attacks.
- Work closely with internal teams and external stakeholders, including government agencies, law enforcement, industry partners, and other CERTs, to coordinate responses to cyber-security incidents and share threat intelligence.
- Assess cyber-security risks and develops strategies to mitigate these risks, including implementing security best practices, conducting risk assessments, and implementing security controls to protect critical assets and data.
- Collaborate with legal and regulatory teams to develop cyber-security policies and procedures that comply with relevant laws, regulations, and industry standards.
- Promote cyber-security awareness and training programs to educate employees and stakeholders about cyber-security best practices, threats, and how to respond to incidents effectively.
- Serve as the primary spokesperson for the CERT, communicating with senior management, board members, stakeholders, and the public about cyber-security incidents, response efforts, and mitigation strategies.
- Drive a culture of continuous improvement within the CERT, regularly review and update incident response plans, procedures, and technologies to adapt to evolving cyber threats and organizational needs.
- Manage communication with government and other stakeholders within the guidelines of Sri Lanka CERT.
- Take ownership for implementing the Cyber Security strategy, including adjustments to address emerging threats and influence senior government stakeholders in driving the national cyber security agenda.
- Liaise with international security networks and build partnerships for sharing intelligence and best practices.
- Foster an action-oriented culture to deliver results and ensure a positive and motivated workforce through appropriate employee engagement.
- Guide, encourage and assist the establishment of sector-based and organizational Computer Incident Response Teams (CIRTs).
- Ensure global and regional co-operation by continuing to perform the task of national contact point for the Asia Pacific CERT, FIRST (Forum for Incident Response and Security Teams), and the National CERTs of other countries.
Qualifications and Experience:
- A Bachelor's Degree (SLQF 5 or 6) in Information Security, Cyber-Security, Computer Science, Computer Engineering, Information Technology or any other field relevant to the post, obtained from a local or foreign university, recognized by the University Grant Commission (UGC) in Sri Lanka.
- A Post Postgraduate Degree (Master’s) (SLQF 9 or above) in Computer Science, Information Security, Cyber-security, Computer Engineering, Information Technology or any other field relevant to the post, obtained from a local or foreign university recognized by the University Grant Commission (UGC) in Sri Lanka or Associate/Fellow Membership of a recognized professional institution in Information Security, Cyber-Security, Computer Science.
- WITH 14 years or above industry experience in the field of information and Cyber security out of which 05 years should be in a Senior Management position of successful policy leadership with evidence of handling strategic issues within a reputed private sector cyber-security service provider, public corporation, statutory board, fully government owned company, or a reputed commercial establishment, after obtaining the first Degree.
Variety of Skills should include:
- Ability to work effectively with diverse stakeholders, including government officials, industry leaders, and technical experts.
- Proven experience in strategic planning and execution.
- Strong understanding of cyber-security principles, practices, and the global threat landscape.
- Excellent leadership, organizational, and decision-making skills
- Exceptional communication and interpersonal skills.
- Strong financial acumen and experience managing budgets and financial resources.
- High ethical standards and integrity.
Other General Qualifications
Candidates should fulfil the following general requirements:
- Age should be not less than 40 years and not more than 55 years.
- Should be a citizen of Sri Lanka.
- Should be physically and mentally fit to discharge the duties of the post well and to serve in any part of the Island.
- Should be of excellent moral character.
- Should have a good command of the English and Sinhala/Tamil language as interactions with high-level national institutions, international agencies and other institutions overseas is a job requirement.
- Familiarity with the global trends in IT which relates to information security, latest development in cyber-security domain, national priorities to mainstream digitalization, and related knowledge will provide an advantage.
Salary will be based on current industry standards and includes travel allowance in addition to numerous overseas travel and career enhancing opportunities.
If you are confident that you are the ideal candidate for this position, e-mail your resume with a recent photo and two non-related referees to careers@cert.gov.lk within 14 days of this advertisement, stating Chief Executive Officer. Only shortlisted candidates will be notified.
Chairman
Sri Lanka Computer Emergency Readiness Team
Room 4-112, BMICH, Bauddhaloka Mawatha,
Colombo 00700
Tel: 011 2691692/011 2679888