It Security Specialist

Technical capability:

Role & Responsibilities:

• Design, implement, and maintain security solutions to safeguard the organizations infrastructure, applications, and data.
• Perform comprehensive penetration testing of networks, applications, and systems to identify vulnerabilities and assess risk exposure.
• Monitor and analyze security events and incidents using Security Information and Event Management (SIEM) tools.
• Conduct vulnerability assessments and work with teams to remediate identified risks.
• Collaborate with cross-functional teams to integrate security best practices into system architecture and application development.
• Respond to security incidents, perform root cause analysis, and recommend corrective actions.
• Manage security tools and technologies.
• Support compliance initiatives, ensuring adherence to regulatory requirements like GDPR, HIPAA, or PCI-DSS.
• Provide security awareness training to employees to foster a strong culture of cybersecurity.
• Stay updated on emerging threats, vulnerabilities, and security technologies to ensure proactive protection measures.

Preferences and qualifications:

• Bachelors degree in computer science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• Proven experience in cybersecurity engineering or related roles, with a focus on penetration testing (PT).
• Strong verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Relevant security certifications such as CISSP, CISM, CEH, OSCP, CompTIA Security+, or equivalent.
• Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nessus, Kali Linux, or similar.
• Hands-on experience with security technologies, including firewalls, SIEM, IDS/IPS, endpoint protection, and DLP solutions.
• Knowledge of cloud security practices across platforms like AWS, Azure, or GCP.
• Familiarity with scripting or automation tools (e.g., Python, PowerShell) for improving security processes.
• Solid understanding of network protocols, system architecture, and security principles.
• Experience with incident response and forensic analysis.
• Familiarity with zero-trust architectures and advanced authentication methods.