Cybersecurity Specialist

Job Responsibilities

• Perform thorough assessments of internal IT systems to identify vulnerabilities and potential security risks.
• Set up and manage security monitoring tools, such as EDR, NDR, and Microsoft Sentinel, to detect and analyze security threats.
• Lead the investigation of security incidents by analyzing logs, identifying issues, and recommending appropriate solutions.
• Assess the security maturity of third-party vendors, IT products, and systems to ensure they meet the organization’s security standards.
• Contribute to the enhancement, assessment, and implementation of cybersecurity frameworks in line with the NIST Cybersecurity Framework (CSF).
• Monitor and investigate suspicious network and application behavior, including breach analysis and evidence gathering.
• Execute security projects such as data classification, data loss prevention (DLP), and security blueprints across the organization.
• Prepare management reports on evolving cybersecurity threats, organizational maturity assessments, and initiatives.

Job Requirements

• Bachelor’s degree in Computer Science or a related field.
• Relevant industry certifications, such as CISSP or as a cybersecurity Subject Matter Expert.
• Over 10 years of experience in IT (Infrastructure, Network, and Security), with at least 5 years focused on cybersecurity.
• Familiarity with common security frameworks like CIS and NIST CSF.
• Understanding of regulatory requirements related to cybersecurity (e.g., GDPR, FDA).
• Required experience with Microsoft Azure cloud and its native security solutions.
• Proven experience in incident response related to cyber events.
• Background working with Security Operations Center (SOC) teams to monitor and manage security incidents in real-time.
• Proficiency in using SOC tools and technologies to identify threats, analyze data, and respond promptly to security incidents.
• Strong communication skills in English (both spoken and written) with the ability to convey security risks and controls to both technical and non-technical stakeholders.
• Hands-on experience in investigating breaches, gathering evidence, and analyzing security logs is a plus.
• Experience with DevSecOps transformations is also a plus.