Cyber Security Prevent Specialist

Role Purpose

The Cyber Prevent Specialist plays a crucial role in protecting our organization's computer systems, networks, and data from cyber threats. Their main responsibilities include analyzing security risks, developing strategies to reduce these risks, and implementing advanced security measures to strengthen our digital assets. This role involves tasks such as monitoring network activity, conducting security audits, and responding to security breaches. The Cyber Prevent Specialist will establish and enforce strict security protocols for APIs, operating systems, databases, and applications. The ideal candidate will have experience in preventative security and or cyber defense with hands on compliances hardening, patching and vulnerability management expertise. Extensive exposure to privileged user access management and identity and access management is desirable. A key aspect of this role is to help improve the organization's defensive capabilities by continuously enhancing security measures. Additionally, the Cyber Prevent Specialist will provide comprehensive cybersecurity training to employees to promote a culture of awareness and adherence to best practices. Keeping up to date with the latest cyber threats and technologies is essential for effectively protecting the organization's assets and maintaining a strong security posture.

Key accountabilities

• A key responsibility is to assist in maturing the organization's overall defensive security strategies by continuously improving and updating security measures.
• A commitment to continuous learning and staying abreast of the latest cybersecurity trends and threats is vital for maintaining a robust security posture.

• A cyber prevent specialist must possess a deep understanding of advanced cybersecurity principles and practices, demonstrating expertise in identifying, analyzing, and mitigating potential threats.
• Implement and maintain preventative security measures leveraging cyber defense practices to protect against potential threats.
• Manage and monitor privileged access across systems and applications ensuring compliance with internal policies and industry standards. Proficient with leading Privileged Access Management (PAM) tools such as, BeyondTrust, CyberArk and Thycotic).
• Regu.
• He must have a strong foundation in network architecture and protocols, coupled with experience in vulnerability assessment using industry leading scanning tools like Qualys, Tenable and Rapid7 with the ability to interpret scan results and ensure identified vulnerabilities are mitigated within the stipulated timelines is crucial for maintaining a solid security posture.
• Sound knowledge and penetration testing, required for identifying and addressing security weaknesses. Use of penetration testing tools like Metasploit, Burp Suite, Nmap and Kali.
• Knowledge of device hardening techniques, and the application of industry hardening guidelines such as CIS, NIST to secure systems networks and applications. Ability to conduct configuration audits to ensure adherence to compliance standards.
• Ability to oversee patch management processed for common operating systems. Coordinate with IT teams to plan test and deploy patches while maintaining patch compliance documentation and reporting to track progress and meet audit requirements. 
• Excellent problem-solving skills and the capacity to develop and execute strategic security plans are necessary for effective risk mitigation and reporting.
• Effective written and verbal communication skills are necessary to collaborate with cross-functional teams and present complex technical information to non-technical stakeholders.
• Safeguard critical assets from attack vectors, expertise in Application Programming Interface (API) and application security, is desired.
• Deployment and management of endpoint security tools are essential for ensuring comprehensive protection across all devices within the organization.

Technical/professional qualifications & Experience

• Minimum of 3-5 years of experience in Cyber Security 
• Bachelor's degree in computer science, information technology, cyber security, or a related field.
• Security-related certifications such as CompTIA Security+; Cisco Certified CyberOps Associate; CCNA; CISSP; CISM; GSEC; SSCP; CASP+; CEH; CySA+ or equivalent.
• Candidates should have a strong knowledge of cyber security principles and best practices.
• Knowledge of common information technology management/compliance frameworks such as ISO/IEC 27001, SOC 2, ITIL, COBIT, and NIST.
• Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standards and GDPR
• Candidate should deeply understand the current cyber threat landscape, including emerging threats, attack vectors, and vulnerabilities. They should stay current with industry trends, best practices, and regulatory requirements.
• Excellent communication skills [French and English]
• Experience with security tools and technologies, including layered security architecture, internet protocols, firewalls, VanaPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies, risk and vulnerability assessments, and compliance.
• Security concepts related to DNS, routing, authentication, PUAM tools, vulnerability scanners proxy services, SIEM and DDOS mitigation technologies.
• Windows, UNIX, and Linux operating systems
• The candidate should have a strong sense of ethics and integrity, as they will protect sensitive information and ensure compliance with legal and regulatory requirements.

Core Competencies

• Excellent communication skills [French and English]
• Strategic Thinking
• Leadership Acumen
• Analytical Skills
• Fostering Teamwork
• Time Management,
• Results oriented
• Customer Orientation

Department: Billing & IT

Division: Cyber Security

Reports to: Manager Cybersecurity Governance & Compliance
 

Together we can.