New Cyber Security Specialist

1 Full-time, Permanent Position

Is This Role for You?
Reporting to the Manager, Cyber Security and Compliance, the Cyber Security Specialist is responsible for the investigation, and resolution of detected security breaches. Additionally, the Cyber Security Specialist will actively support the implementation of new security solutions, participation in the creation and or maintenance of standards, baselines, guidelines, and procedures as well as conducting vulnerability assessments and penetration tests. The Cyber Security Specialist is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals. Furthermore, as a member of the Cyber Security team, the Cyber Security Specialist is responsible for enhancing and maintaining security for the technology infrastructure at the enterprise level.

Day in The Life
- Investigate and perform in-depth analysis of exploits & conduct proactive threat research
- Triage incident tickets, summarize common incidents & report to the operation team
- Review security events that are populated in a Security Information and Event Management (SIEM) system
- Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for incidents
- Independently follow procedures to contain, analyze and eradicate malicious activity
- Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
- Incident management, response, and reporting
- Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
- Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall security functions
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Manager, Cyber Security, and Compliance, where appropriate
- Maintain up-to-date detailed knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
- Understanding emerging security practices and standards; keeping abreast of the latest security trends
- Ability to interact and build strong relationships with all levels of the organization and work independently and as a team when needed
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
- Perform the deployment, integration, and initial configuration of new security solutions and enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically
- Maintain operational configurations of all in-place security solutions as per the established baselines
- Monitor all in-place security solutions for efficient and appropriate operations
- Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution
- Participate in investigations into problematic activity
- Escalate threats and incidents to management and develop recommendations based on incident findings
- Participate in the design and execution of vulnerability assessments, penetration tests, and security audits

**Special Requirements**:
You Have:

- University degree in Information Technology, Computer Science, Cybersecurity, or a related field of studies
- 5+ years of experience working in the IT industry
- 3+ years of experience working in information security is preferred
- Good knowledge of computer networking fundamentals, theory, and practice
- Strong knowledge of (IPv4, switching, routing, OSI model)
- Proficient technical, analytical, and problem-solving skills
- Egger to learn new tools and solutions
- Familiarity with industry best practices and standards such as CIS and NIST, including security hardening techniques.
- Familiarity with industry best practices of Security Operation Centers - SOC
- Understanding of networking systems configurations, including firewalls
- Understanding of incident handling and forensics, Risk Assessment & Quantification methodologies, and familiarity with automated security monitoring systems and log correlation

Certifications

Mandatory certifications:

- CCNA - Cisco Certified Network Associate

Preferred to have One or more of the following certifications:

- CEH - Certified Ethical Hacker | EC-Council
- SSCP - Systems Security Certified Practitioner | (ISC)²
- ECIH - Certified Incident Handler (E|CIH) | EC-Council
- GC