Job Title: Cyber Security Specialist
Job Summary:
Seeking a Cyber Security Specialist with a minimum of 3 to 7 years of experience to enhance the organization's security posture. The ideal candidate will be responsible for security architecture assessments, security hardening, configuration audits, vulnerability management, security controls deployment, management and tuning, and security compliance. This role demands a proactive approach in identifying security risks, guiding remediation efforts, and ensuring adherence to industry best practices.
Key Responsibilities:
- Conduct security architecture reviews for new and existing systems to identify design weaknesses.
- Apply a detailed understanding of zero trust principles when evaluating and enforcing design decisions.
- Perform configuration audits for OS, firewalls, routers, switches, and security appliances to ensure secure baselines.
- Guide asset owners on security hardening best practices based on CIS benchmarks and industry standards.
- Ensure cloud security compliance by implementing best practices for Hybrid environments.
- Evaluate network security architecture, including firewalls, IPS, VPNs, proxies, and web filtering solutions.
- Support the enforcement of Zero Trust Architecture, network segmentation, and secure access models.
- Collaborate with IT teams to design and implement security controls across cloud and on-prem environments.
- Stay updated with the latest cyber threats, vulnerabilities, and attack trends.
- Participate in threat hunting exercises and contribute to red/blue team assessments.
- Provide security guidance on secure coding, system hardening, and cloud security best practices.
- Monitor and analyse security incidents escalated by teams using SIEM solutions and EDR platforms for incident response plan execution.
- Assist in maintaining and testing the Incident Response Plan (IRP).
- Maintain and manage enterprise vulnerability management systems, ensuring complete coverage of all assets.
- Track, assess, and report emerging vulnerabilities, mapping their relevance to organizational infrastructure.
- Work closely with asset owners to prioritize and ensure timely remediation of identified vulnerabilities.
- Revalidate patched vulnerabilities and ensure updates are reflected on the vulnerability management platform.
- Ensure IT infrastructure compliance with industry standards (CIS, NIST, ISO 27001, etc.).
- Proactively drive patching efforts for critical vulnerabilities across the asset base.
- Automate vulnerability management processes, including scripting repetitive tasks and implementing API integrations.
- Assist in the development of security policies, procedures, and control guidelines.
- Prepare periodic vulnerability management reports and live dashboards for remediation teams.
- Support security awareness programs, educating employees on cyber threats and best practices.
Required Skills & Qualifications
- Strong understanding of enterprise and hybrid security architecture, vulnerability management, and compliance frameworks.
- Experience with enterprise-grade vulnerability management solutions.
- Knowledge of network security technologies, including firewalls, IDS/IPS, VPNs, and web security.
- Hands-on experience with Windows and Linux server environments.
- Detailed understanding of cloud security principles for Hybrid environments.
- Scripting and automation experience (Python, PowerShell, Bash) is a plus.
- Familiarity with security hardening benchmarks such as CIS, NIST, and DISA STIGs.
- Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or a related field.
- Preferred Certifications (one or more):
  - CompTIA Security+
  - Certified Ethical Hacker (CEH)
  - GIAC Security Essentials (GSEC)
  - Certified Information Systems Security Professional (CISSP) / CCSP (preferred)
  - AWS/GCP/Azure Security Certifications