We are seeking a skilled Cyber Security Specialist to join our dynamic information security team. In this role, you will contribute to day-to-day security operations, monitor security systems, perform maintenance and upgrades to security infrastructure, implement enhancements, provide consulting expertise for projects, and ensure compliance with information management security requirements and industry regulations.
Roles and Responsibilities
- Administer and maintain security systems and infrastructure, including firewalls, VPNs, vulnerability scanning tools, web proxies, SIEMs, and endpoint security solutions. Additionally, you will manage security services within the AWS cloud environment, utilizing tools such as AWS GuardDuty, Security Hub, Trusted Advisor, IAM Access Analyzer, and CloudWatch Anomaly Detection.
- Perform ongoing security monitoring by analyzing events reported by security systems, SIEMs, and cloud security monitoring services. Assess, respond to, and resolve security events such as incidents, vulnerabilities, threats, and overall risk.
- Respond to security incidents related to malware events on employee laptops. This includes isolating the affected laptop, containing the threat, communicating with the affected employee, analyzing the source of the threat, and making adjustments to existing controls to prevent recurrence.
- Conduct vulnerability and risk assessments, as well as root cause analysis of security incidents. Provide recommendations for improvements based on the findings and implement them as necessary.
- Provide recommendations for enhancing existing or implementing new security solutions to strengthen overall enterprise security.
- Continuously evaluate and improve IT infrastructure by assessing risks and the effectiveness of mitigation strategies. Stay updated on evolving network attacks, threat vectors, and industry best practices.
- Document procedures, processes, and implementations for future reference and knowledge transfer.
Qualifications and Skills
- A bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
- Proven experience in administering and maintaining security systems, infrastructure, and services, including familiarity with firewalls, VPNs, vulnerability scanning tools, web proxies, SIEMs, and endpoint security solutions. Knowledge of AWS security services is a plus.
- Strong understanding of security incident response, including malware analysis, containment, and resolution.
- Experience conducting vulnerability assessments, risk assessments, and root cause analysis of security incidents. Ability to provide recommendations and implement security improvements based on findings.
- Proficiency in analyzing security events through SIEMs and network packet captures. Familiarity with network traffic analysis across firewalls, routers, proxies, load balancers, and hosts.