Job Summary:

We are seeking a highly skilled Cybersecurity Specialist to protect digital assets, networks, and sensitive information from cyber threats. The ideal candidate will have experience in risk management, threat detection, security operations, and regulatory compliance. This role involves implementing security measures, responding to incidents, and ensuring the organization’s infrastructure remains resilient against evolving cyber threats.

Key Responsibilities:

Security Operations & Threat Management: 
• Monitor and analyze security events, detect vulnerabilities, and respond to security incidents. 
• Implement firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection. 
• Perform penetration testing, vulnerability assessments, and security audits. 
• Investigate security breaches and recommend remediation strategies.

Risk Management & Compliance: 
• Assess and mitigate cyber risks to protect organizational data and systems. 
• Ensure compliance with cybersecurity frameworks and standards such as ISO 27001, NIST, GDPR, and PCI DSS. 
• Develop and enforce security policies, procedures, and best practices. 
• Collaborate with legal and compliance teams to address regulatory requirements.

Infrastructure & Data Protection: 
• Implement and manage encryption, access controls, and identity management solutions. 
• Secure cloud environments (AWS, Azure, Ali Cloud or Google Cloud) and on-premises infrastructure. 
• Oversee secure software development practices and ensure security in DevOps environments. 
• Protect critical data from ransomware, phishing, and malware attacks.

Incident Response & Forensics: 
• Develop and maintain an Incident Response Plan (IRP) to handle cybersecurity events. 
• Conduct forensic analysis to determine attack vectors and mitigate future threats. 
• Work with security information and event management (SIEM) systems for proactive threat detection.

Security Awareness & Training: 
• Educate employees on cybersecurity best practices to prevent social engineering attacks. 
• Conduct simulated phishing campaigns and security awareness training. 
• Stay up to date with emerging cyber threats, trends, and technologies.

Required Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, Information Security, or a related field. 
• 4+ years of hands-on experience in cybersecurity, network security, or information security. 
• Strong knowledge of firewalls, SIEM tools, IDS/IPS, and endpoint protection. 
• Proficiency in penetration testing, ethical hacking, and forensic analysis. 
• Experience securing cloud environments, databases, and APIs. 
• Understanding of cyber threat intelligence and attack methodologies. 
• Familiarity with security standards such as ISO 27001, NIST, SOC 2, GDPR, and PCI DSS. 
• Hands-on experience with security assessments, including OWASP methodologies, web and mobile API security, Active 
Directory (AD) penetration testing, internal and external network penetration testing, cloud security, automated 
penetration testing, and Capture The Flag (CTF) challenges. 
• Certifications like CISSP, CISM, CEH, OSCP, or CompTIA Security+ are a plus.

Preferred Skills:

• Knowledge of scripting languages (Python, Bash, PowerShell) for automation. 
• Experience with security orchestration, automation, and response (SOAR) tools. 
• Understanding of blockchain security, financial fraud prevention, or fintech security. 
• Ability to work in high-pressure environments and respond to cyber threats in real time.