Job Summary:
The Senior Cyber Security Specialist is responsible for designing, implementing, and maintaining the organization's cybersecurity framework, ensuring the protection of digital assets, networks, and data. The role involves assessing security risks, developing policies, responding to incidents, and leading security initiatives to mitigate threats.
Key Responsibilities:
Security Strategy & Compliance:
- Develop and implement cybersecurity strategies, policies, and procedures in line with industry best practices.
- Ensure compliance with relevant cybersecurity regulations, frameworks, and standards (ISO 27001, NIST, GDPR, etc.).
- Conduct risk assessments and vulnerability analyses to identify potential security gaps and recommend remediation strategies.
Threat Management & Incident Response:
- Monitor and analyze security threats, vulnerabilities, and attack vectors.
- Respond to security incidents, investigate breaches, and coordinate incident response efforts.
- Conduct forensic analysis and root cause investigations to prevent recurrence of security incidents.
Infrastructure & Network Security:
- Oversee the security of enterprise networks, cloud infrastructure, and endpoint protection.
- Implement and manage security tools such as firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM solutions, and antivirus software.
- Regularly test and audit IT systems for security weaknesses and recommend enhancements.
Identity & Access Management (IAM):
- Manage identity and access controls, including role-based access management and multi-factor authentication (MFA).
- Monitor privileged accounts and enforce least privilege principles.
Security Awareness & Training:
- Develop and conduct security awareness programs for employees to enhance cybersecurity culture.
- Provide training to IT staff and end-users on security best practices.
Collaboration & Reporting:
- Work closely with IT, legal, and compliance teams to align security initiatives with business objectives.
- Generate and present security reports, risk assessments, and recommendations to senior management.
- Engage with external security vendors and partners to enhance cybersecurity posture.
Qualifications & Experience:
- Bachelor’s or Master’s degree in Cyber Security, Information Security, Computer Science, or a related field.
- At least 5 years of experience in cybersecurity roles, with a strong focus on security operations, risk management, and compliance.
- Relevant certifications such as CISSP, CISM, CEH, CCSP, or OSCP are highly preferred.
Technical Skills:
- Expertise in firewalls, SIEM tools, endpoint security, intrusion detection/prevention systems (IDS/IPS), and encryption technologies.
- Strong understanding of cloud security (AWS, Azure, Google Cloud) and hybrid environments.
- Proficiency in network security, penetration testing, vulnerability management, and incident response.
- Knowledge of security frameworks (ISO 27001, NIST, CIS Controls) and regulatory requirements (GDPR, HIPAA, PCI-DSS).
- Hands-on experience with forensic analysis, malware analysis, and ethical hacking.
- Proficiency in scripting and automation (Python, PowerShell) is a plus.