Job Title: Cyber Security Specialist.
This role is ideal for an experienced professional with a background in cybersecurity operations. You will lead and coordinate cybersecurity operations, ensuring robust threat detection, response capabilities, and ongoing improvement of security posture.
Key Qualifications:
Primary Responsibilities:
- Oversee the operation and maintenance of the cybersecurity technology stack, ensuring its efficiency and effectiveness.
- Execute event and incident investigation processes to detect and analyze malicious activities, ensuring quick identification and response to security threats.
- Lead and coordinate the development of security monitoring use cases based on cyber threats identified through threat modeling, intelligence, and environmental analysis.
- Draft, maintain, and enhance playbooks and incident response plans, ensuring alignment with monitoring use cases.
- Design, implement, and manage automated actions to facilitate prompt containment and response to identified threats.
- Execute vulnerability and compliance management processes, providing regular reporting to stakeholders.
- Develop and provide reporting metrics for IT Security, Vulnerability Management, and Compliance requirements.
- Identify and communicate control and monitoring gaps to the IT Security team, recommending improvements for enhanced security posture.
- Plan and conduct cybersecurity incident rehearsals and drills to strengthen resilience and response capabilities.
- Ensure that all applications, products, and services align with established security standards and specifications.
- Oversee Managed Security Service Provider (MSSP) activities, ensuring they meet Service Level Agreements and contractual obligations.
- Support the creation and execution of the cybersecurity roadmap to expand capabilities as required.
- Drive new security initiatives from planning through execution, ensuring alignment with the organization’s strategic goals.
Technical Expertise:
- Experience: 5+ years of experience (L2/L3)
- SIEM and Endpoint Security: Advanced experience with SIEMs, Security Analytics, and Endpoint Detection and Response tools.
- Playbook Development: Strong capability in developing SIEM use cases, incident response playbooks, and automated workflows.
- Incident Investigation: Proven experience with cybersecurity event and incident investigations, preferably in a senior or lead role.
- Management of Vulnerability and Compliance Technologies: Skilled in handling technologies related to Vulnerability and Compliance Management.
- Emerging Technologies: Familiarity with machine learning, artificial intelligence, and data science applications in cybersecurity.
- Certifications: CISSP, CCSP, CISA, CISM, OSCP, or similar certifications are highly valued.
- Education: Bachelor’s Degree is required.