Information Security Specialist

As a seasoned security professional, you will play a pivotal role in shaping and maintaining our information security strategy, policies, controls, and procedures for both internal and external stakeholders.

Your primary objective is to enhance the overall security posture of the organization by implementing robust security measures and continuously seeking opportunities for improvement.

You will also be engaged on client IS requirements, working closely with various stakeholders to understand their business needs and collaborating with IT teams to enhance the security environment.

• Vulnerability Assessment: Conduct thorough assessments of IT systems to identify security weaknesses, evaluating these vulnerabilities, and effectively communicating findings to relevant stakeholders.
• Threat Intelligence: Analyze diverse sources of threat intelligence, consolidate the analysis, and disseminate insights to key stakeholders to enhance awareness and preparedness.
• Application and Data Security: Implement measures to safeguard applications and data, ensuring confidentiality, integrity, and availability are maintained at all times.
• Identity and Access Management: Establish and maintain robust access control mechanisms to safeguard systems, defining access privileges, control structures, and resource allocations.
• Incident Resolution and Monitoring: Responsibly handle security incidents and monitor the IT estate using various monitoring tools to detect and respond to potential threats promptly.
• Security Infrastructure Configuration and Troubleshooting: Configure and troubleshoot security infrastructure devices such as firewalls, security appliances, and computer systems to ensure optimal functionality and protection.
• Technical Solutions Development: Develop innovative technical solutions and security tools to mitigate vulnerabilities effectively and automate recurring security tasks, enhancing overall security posture.
• Reporting: Generate required reports related to security, including weekly/monthly key performance indicators (KPIs), key risk indicators (KRIs), project updates, and other relevant metrics.
• Continuous Learning and Awareness: Stay abreast of the latest security news, trends, and emerging vulnerabilities, and actively seek opportunities to enhance knowledge and skills in the field of cybersecurity.

• Proficiency in deploying and configuring perimeter defense mechanisms to safeguard networks and prevent unauthorized access.
• Extensive knowledge and experience working with Microsoft 365 environments, including Office 365, Azure Active Directory, and associated services.
• Hands-on experience in implementing Microsoft Endpoint, Microsoft's cloud-based service for mobile device management (MDM) and mobile application management (MAM).
• In-depth understanding and proficiency in Checkpoint technologies, including firewall solutions and security management platforms.
• Familiarity with Vulnerability Management technologies, practices, and procedures, such as Qualys, to identify, assess, prioritize, and remediate security vulnerabilities across IT environments.
• Good technical knowledge and experience working with both Windows and Linux environments.

• Opportunity to work with a dynamic team of security professionals.
• Chance to contribute to the development of innovative security solutions.
• Professional growth and development opportunities.

• Ability to approach security challenges with a proactive mindset and a positive attitude.
• Knowledge of NIST, NIS-D2, ISO 27001 ISMS, ISO 27018 PII, ISO 27017 Cloud, NIST 800-27 Security, ISO 20000 SMS, ISO 9001 QMS, BS 10012 PIMS ISO AWI 27552 Privacy, ISO 29100 Privacy, NIST 800-53 Federal Privacy, NIS Directive, California Consumer Privacy Act, ISO 14001 EMS, ISO 50001 EMS, ISO 18001 OHSAS, ISO 22301 Business Continuity, BS 31000 Risk Management.
• Demonstrated ability to work independently, with the ability to take initiative and drive security initiatives forward without constant supervision.
• Be a player, not a spectator, taking ownership and making things happen.