Cyber Security Specialist

Job Summary:

We are seeking an experienced Cyber Security Specialist to strengthen our security posture and support our journey toward ISO 27001 and SOC 2 compliance. You will play a key role in designing, implementing, and managing security controls across our AWS cloud environment, working closely with cross-functional teams to safeguard data, infrastructure, and business operations.

Responsibilities:

Cloud Security (AWS/Azure/O365):

Implement, monitor, and optimize AWS security best practices.

Manage IAM policies, VPC security, encryption, key management, and logging.

Conduct regular audits and ensure secure configuration of AWS services.

Compliance and Governance:

Contribute to achieving and maintaining ISO 27001 SOC 2 and similar certification.

Develop, document, and enforce security policies, standards, and procedures.

Assist in internal and external audits, risk assessments, and gap analysis.

Threat Management:

Monitor, detect, and respond to security incidents and vulnerabilities.

Conduct root cause analysis and implement remediation plans.

Collaborate with DevOps, IT, and business teams for secure system design.

Security Operations:

Implement and maintain SIEM, IDS/IPS, vulnerability scanners, and endpoint protection.

Support incident response playbooks and business continuity planning.

Ensure log management, monitoring, and reporting of critical events.

Awareness and Training:

Drive organisation-wide security awareness programs.

Mentor junior team members and promote a culture of security by design.

Skills and Qualifications:

Experience:

Technical Skills:

Strong hands-on experience with AWS security controls (IAM, KMS, Security Hub, GuardDuty, WAF, CloudTrail, CloudWatch).

Proficiency in vulnerability management, SIEM tools and endpoint security solutions.

Knowledge of network security, encryption standards, firewalls, and intrusion detection systems.

Compliance Expertise: Practical exposure to ISO 27001, SOC 2, GDPR, or other security frameworks.

Soft Skills:

Certifications: one or two certifications i.e CISSP, CISM, CISA, CCSP, AWS Security Speciality: ISO 27001 Lead Implementer/Auditor.