Cybersecurity Specialist

Description

Job Overview:

We are seeking a proactive and experienced Cybersecurity Specialist to join our IT security team. The Cybersecurity Specialist will be responsible for protecting the organization's computer systems, networks, and sensitive data from cyber threats. You will play a crucial role in identifying vulnerabilities, implementing security measures, monitoring for potential threats, and responding to security incidents. The ideal candidate will possess a strong technical background in cybersecurity, a deep understanding of security frameworks, and the ability to work collaboratively with other teams to maintain and improve the security posture of the organization.

Key Responsibilities:

• Threat      Detection & Incident Response:
  • Monitor security systems, networks, and       applications for signs of potential breaches or security threats.
  • Investigate and respond to security       incidents, including unauthorized access attempts, malware infections, or       data breaches.
  • Conduct root cause analysis to identify       vulnerabilities and recommend mitigation strategies.
  • Develop and execute incident response       plans to minimize impact and recover from security events.
• Security      Infrastructure Management:
  • Implement and maintain security tools,       such as firewalls, intrusion detection/prevention systems (IDS/IPS),       antivirus software, encryption systems, and endpoint protection       solutions.
  • Collaborate with system administrators       and IT teams to ensure secure configurations of servers, databases, and       applications.
  • Manage and monitor access control       mechanisms, including multi-factor authentication (MFA) and role-based       access controls (RBAC).
• Risk      Assessment & Vulnerability Management:
  • Conduct regular risk assessments and       security audits to identify potential vulnerabilities in the IT       environment.
  • Perform vulnerability scanning and       penetration testing to proactively detect weaknesses in networks,       systems, and applications.
  • Work with stakeholders to prioritize and       remediate identified vulnerabilities and security gaps.
  • Assist in ensuring compliance with       relevant security standards and regulations 
• Security      Policy & Compliance:
  • Develop, update, and enforce security       policies, procedures, and best practices to safeguard the organization's       data and IT infrastructure.
  • Stay current with emerging security       threats, technologies, and industry trends, and ensure the organization’s       security policies remain up to date.
  • Ensure the organization complies with       security regulations, laws, and industry standards through regular audits       and assessments.
• Security      Awareness & Training:
  • Provide cybersecurity training and       awareness programs to employees to foster a security-conscious culture.
  • Educate staff about phishing, social       engineering, safe data handling practices, and other security best       practices.
  • Develop and distribute security       documentation, guidelines, and alerts to employees as needed.
• Collaboration      & Reporting:
  • Work closely with IT and operations teams       to align security practices with business objectives and regulatory       requirements.
  • Prepare and present regular reports on       security activities, incidents, and overall risk posture to senior       management.
  • Participate in security-related projects       and provide guidance on security considerations for new technologies and       system implementations.

  
  

Requirements

  Qualifications:

• Education:
  • Bachelor's degree in Computer Science,       Information Technology, Cybersecurity, or a related field (or equivalent       work experience).
• Experience:
  • 3+ years of experience in cybersecurity       or information security roles, with a strong understanding of security       operations and risk management.
  • Hands-on experience with security       technologies, such as firewalls, IDS/IPS, SIEM tools, endpoint       protection, and encryption.
  • Familiarity with security frameworks and       standards (e.g., NIST, ISO 27001, CIS Controls).
  • Experience with vulnerability scanning       tools (e.g., Nessus, Qualys) and penetration testing tools (e.g., Kali       Linux, Metasploit) is preferred.
• Technical      Skills:
  • Proficiency in network security concepts       (e.g., VPNs, firewalls, intrusion detection systems).
  • Strong understanding of common attack       vectors and techniques, such as phishing, SQL injection, ransomware, and       DDoS attacks.
  • Familiarity with cloud security and       securing cloud-based infrastructures (AWS, Azure, Google Cloud).
  • Experience with scripting and automation       tools (e.g., PowerShell, Python) for security tasks is a plus.
  • Familiarity with endpoint security       solutions and identity/access management (IAM).
• Certifications      (Preferred):
  • Certified Information Systems Security       Professional (CISSP).
  • Certified Ethical Hacker (CEH).
  • CompTIA Security+ or equivalent       cybersecurity certifications.
  • Certified Information Security Manager       (CISM) or Certified Information Systems Auditor (CISA) is a plus.
• Soft      Skills:
  • Strong analytical and problem-solving       skills, with the ability to think critically under pressure.
  • Excellent communication skills, with the       ability to explain technical concepts to non-technical stakeholders.
  • Detail-oriented with the ability to       prioritize and manage multiple tasks in a fast-paced environment.
  • Ability to work independently and as part       of a team.