Cyber Security Consultant

Cyber security Specialist

Position Overview:

We are seeking a detail-oriented and proactive Cyber Security Engineer to join our team with a dual focus on vulnerability management and security operations. This hybrid role requires a solid understanding of threat landscapes, vulnerability remediation strategies, and incident detection and response.

You will be responsible for identifying, assessing, and tracking vulnerabilities across enterprise systems, while also supporting the SOC team in detecting and responding to security incidents. Your work will directly reduce our attack surface and improve our overall security posture.

Key Responsibilities:

Vulnerability Management:

• Conduct regular vulnerability scans using tools such as Tenable, Qualys, or Nessus across cloud, network, and endpoint assets.
• Analyze scan results, prioritize risks based on severity and asset criticality, and communicate findings to system owners.
• Collaborate with IT and DevOps teams to remediate or mitigate vulnerabilities.
• Maintain a vulnerability management lifecycle including asset inventory integration, risk classification, and patch verification.
• Report on trends, progress, and exceptions to remediation policies.

Security Operations:

• Monitor security events and alerts from SIEM platforms (e.g., Splunk, Sentinel, QRadar) and EDR tools (e.g., CrowdStrike, Defender for Endpoint).
• Investigate incidents, perform root cause analysis, and escalate as necessary.
• Assist with developing and fine-tuning correlation rules, dashboards, and automation playbooks.
• Participate in threat hunting, IOC tracking, and log analysis to identify malicious behavior.
• Support forensic analysis and containment during incident response.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field (or equivalent experience).
• 3–5 years of hands-on experience in cybersecurity, including vulnerability management and/or SOC environments.
• Proficiency with vulnerability scanning tools (e.g., Tenable, Qualys) and patch management processes.
• Experience with SIEM, EDR, and log analysis.
• Strong understanding of network protocols, endpoint security, system hardening, and cloud security basics.
• Familiarity with CVSS scoring, MITRE ATT&CK, and threat modeling.

Preferred Qualifications:

• Relevant certifications such as:
• CompTIA Security+ / CySA+
• GIAC GSEC, GCIA, or GCIH
• OSCP
• SC-200 or AZ-500 (Microsoft Security Certs)
• Experience with scripting or automation (e.g., PowerShell, Python, Bash).
• Knowledge of regulatory frameworks (e.g., NIST, ISO 27001, CIS).
• Exposure to cloud environments (Azure, AWS, GCP) and corresponding security tools.

For more information and to apply, please share your up-to-date CV with me at [email protected]