Security Specialist

This Security Operation Specialist involves monitoring and investigating security incidents such as phishing, malware, data loss, and unauthorized access, while coordinating response efforts with the SOC and IT teams. It includes managing incident workflows and maintaining documentation such as root cause analyses and lessons learned. The position also supports the vulnerability management program by performing assessments, tracking remediation, preparing risk reports, and coordinating with system owners. Additionally, the role requires implementing and maintaining security controls across endpoint, network, and cloud platforms, configuring web and cloud policies, supporting endpoint protection, and troubleshooting security‑related performance issues. The position also supports data protection initiatives through DLP policy enforcement, user access reviews, SaaS governance, and validation of access controls. Finally, the role contributes to governance, risk, and compliance efforts by supporting ISO 27001‑aligned activities, assisting with audits, maintaining security documentation, and participating in vendor and third‑party security assessments.

Required Skills & Experience

• At least 4-6 years of experience in IT security, cybersecurity operations, or information security
• Hands‑on experience with endpoint security and threat detection tools
• Experience with web, network, or cloud security platforms
• Working knowledge of vulnerability management processes and tools
• Familiarity with data protection, access management, and security monitoring concepts
• Working knowledge of security policies, standards, and audit requirements
• Exposure to ISO 27001 or similar security frameworks is an advantage

Preferred Qualifications

• Security certifications (e.g., Security+, CySA+, CEH, GCIH, Microsoft SC‑200, SC-300, AZ-500, CCSP, CISA security certifications)
• Experience with Microsoft security technologies and cloud environments