Cybersecurity Specialist

Responsibilities:

• Conduct cybersecurity risk assessments and vulnerability scans of systems, networks, and applications to identify security weaknesses and potential risks.
• Design and implement security controls, policies, and procedures to mitigate identified risks and protect against cyber threats.
• Monitor security logs and alerts to detect and respond to security incidents in a timely manner.
• Investigate security incidents, conduct forensics analysis, and implement corrective actions to prevent recurrence.
• Manage security tools and technologies such as firewalls, intrusion detection systems (IDS), endpoint protection, and security information and event management (SIEM) systems.
• Utilize standard security tools such as Burp Suite for web application security testing, Nessus for vulnerability scanning, Nmap for network mapping, and Metasploit for penetration testing.
• Develop and deliver cybersecurity awareness training and education programs for employees to promote security awareness and best practices.
• Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) and DevOps processes.
• Stay up-to-date with emerging cyber threats, vulnerabilities, and best practices, and implement appropriate measures to protect against them.
• Conduct periodic security audits and assessments to ensure compliance with industry standards and regulations such as GDPR, HIPAA, PCI-DSS, and SOC 2.
• Provide guidance and support to stakeholders on cybersecurity matters, including risk management, incident response, and compliance requirements.

Qualifications:

• Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, or a related field.
• Proven experience as a Cybersecurity Specialist or similar role, with a strong background in cybersecurity principles, practices, and technologies.
• Certifications such as CompTIA Security+ are preferred.
• Deep understanding of cybersecurity frameworks and standards such as NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls.
• Experience with cybersecurity tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection.
• Hands-on experience with security assessment and penetration testing tools such as Nessus, Nmap, Metasploit, and Burp Suite.
• Knowledge of encryption technologies, secure network architecture, and secure coding practices.
• Strong analytical and problem-solving skills, with the ability to analyze complex technical issues and develop effective solutions.
• Excellent communication and interpersonal skills, with the ability to communicate technical concepts to non-technical stakeholders.
• Ability to work effectively in a fast-paced environment and manage multiple tasks simultaneously.