Job Description
Are you passionate about protecting systems, networks, and data from cyber threats? Do you have a knack for identifying vulnerabilities, implementing security measures, and staying a step ahead of potential attacks? If you're ready to be the frontline defender of our digital assets, our client has the perfect role for you. We're looking for a Security Specialist (aka The Cyber Guardian) to strengthen and monitor the organization's cybersecurity posture, ensuring the highest levels of data and system security.
As a Security Specialist at our client , you'll work closely with IT, risk management, and compliance teams to identify and mitigate security risks, monitor threats, and respond to security incidents. Your expertise will be vital in safeguarding sensitive information and ensuring that all systems and processes are secure.
Key Responsibilities:
- Monitor and Analyze Security Threats:
- Continuously monitor network and system activity using security tools like SIEM, intrusion detection systems (IDS), and firewalls. You'll detect, analyze, and respond to potential security breaches or incidents in real-time.
- Identify and Mitigate Vulnerabilities:
- Conduct regular vulnerability assessments and penetration testing on systems, applications, and networks. You'll work proactively to identify and mitigate risks, closing gaps before they're exploited.
- Implement Security Policies and Controls:
- Develop and enforce security policies, procedures, and controls to ensure compliance with security best practices and regulatory standards. You'll work with cross-functional teams to integrate these protocols effectively.
- Manage Incident Response and Investigations:
- Lead incident response efforts to contain, investigate, and resolve security incidents. You'll document incidents, conduct forensic analysis, and implement corrective actions to prevent future breaches.
- Oversee Access Control and Identity Management:
- Implement and maintain access controls, including multi-factor authentication and role-based access. You'll ensure that only authorized users have access to sensitive data and systems.
- Stay Updated on Emerging Threats and Security Trends:
- Keep abreast of the latest cybersecurity threats, trends, and tools. You'll apply this knowledge to improve the organization's security posture and anticipate potential risks.
- Train and Educate Staff on Security Best Practices:
- Conduct security awareness training for employees, promoting a culture of security-conscious behavior. You'll educate teams on how to recognize phishing, social engineering, and other common attack vectors.
Requirements
Required Skills:
- Cybersecurity and Threat Detection Expertise: In-depth understanding of cybersecurity principles, threat detection, and mitigation strategies.
- Vulnerability Assessment and Penetration Testing: Proficiency with tools like Nessus, Metasploit, and Burp Suite for identifying and mitigating vulnerabilities.
- Security Framework Knowledge: Familiarity with security frameworks (e.g., NIST, ISO 27001) and compliance requirements such as GDPR, HIPAA, or PCI-DSS.
- Incident Response and Forensic Analysis: Experience in managing security incidents, conducting forensic investigations, and implementing corrective measures.
- Technical Knowledge of Security Tools: Proficiency in using SIEM tools, IDS/IPS, firewalls, and endpoint security software.
Educational Requirements:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent experience in security may be considered.
- Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+) are highly advantageous.
Experience Requirements:
- 3+ years of experience in cybersecurity, information security, or a related field, with a strong track record in threat detection and mitigation.
- Experience with security monitoring tools and techniques for network and application security.
- Familiarity with cloud security (e.g., AWS, Azure) is a plus.
Benefits
- Health and Wellness: Comprehensive medical, dental, and vision insurance plans with low co-pays and premiums.
- Paid Time Off: Competitive vacation, sick leave, and 20 paid holidays per year.
- Work-Life Balance: Flexible work schedules and telecommuting options.
- Professional Development: Opportunities for training, certification reimbursement, and career advancement programs.
- Wellness Programs: Access to wellness programs, including gym memberships, health screenings, and mental health resources.
- Life and Disability Insurance: Life insurance and short-term/long-term disability coverage.
- Employee Assistance Program (EAP): Confidential counseling and support services for personal and professional challenges.
- Tuition Reimbursement: Financial assistance for continuing education and professional development.
- Community Engagement: Opportunities to participate in community service and volunteer activities.
- Recognition Programs: Employee recognition programs to celebrate achievements and milestones.
Key skill Required
- AWS
- Azure
- Burp Suite
- Cybersecurity
- Access Control
- Analysis
- Application Security
- Authentication
- Awareness
- Cloud Security
- Community Engagement
- Compliance
- Comprehensive
- Computer Science
- Counseling
- Development
- Disability Insurance
- Employee Recognition
- Financial Assistance
- Forensic
- Forensic Analysis
- Identity Management
- Incident Response
- Information Security
- Insurance
- Life Insurance
- Management
- Mental Health
- Metasploit
- Nessus
- Passionate
- Penetration Testing
- Professional Development
- Regulatory Standards
- Reimbursement
- Risk Management
- Science
- Security
- Security Awareness Training
- Security Framework
- Security Monitoring
- Sensitive
- Social Engineering
- Support Services
- Technical Knowledge
- Telecommuting
- Threat Detection
- Training
- Vision Insurance
- Vulnerability Assessment
- Wellness Programs
- Work-Life Balance
