Conduct cybersecurity risk assessments and vulnerability scans of systems, networks, and applications to identify security weaknesses and potential risks.
Design and implement security controls, policies, and procedures to mitigate identified risks and protect against cyber threats.
Monitor security logs and alerts to detect and respond to security incidents in a timely manner.
Investigate security incidents, conduct forensics analysis, and implement corrective actions to prevent recurrence.
Manage security tools and technologies such as firewalls, intrusion detection systems (IDS), endpoint protection, and security information and event management (SIEM) systems.
Utilize standard security tools such as Burp Suite for web application security testing, Nessus for vulnerability scanning, Nmap for network mapping, and Metasploit for penetration testing.
Develop and deliver cybersecurity awareness training and education programs for employees to promote security awareness and best practices.
Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) and DevOps processes.
Stay up-to-date with emerging cyber threats, vulnerabilities, and best practices, and implement appropriate measures to protect against them.
Conduct periodic security audits and assessments to ensure compliance with industry standards and regulations such as GDPR, HIPAA, PCI-DSS, and SOC 2.
Provide guidance and support to stakeholders on cybersecurity matters, including risk management, incident response, and compliance requirements.
Qualifications:
Bachelor's or Master's degree in Cybersecurity, Information Security, Computer Science, or a related field.
Proven experience as a Cybersecurity Specialist or similar role, with a strong background in cybersecurity principles, practices, and technologies.
Certifications such as CompTIA Security+ are preferred.
Deep understanding of cybersecurity frameworks and standards such as NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls.
Experience with cybersecurity tools and technologies such as firewalls, IDS/IPS, SIEM, antivirus, and endpoint protection.
Hands-on experience with security assessment and penetration testing tools such as Nessus, Nmap, Metasploit, and Burp Suite.
Knowledge of encryption technologies, secure network architecture, and secure coding practices.
Strong analytical and problem-solving skills, with the ability to analyze complex technical issues and develop effective solutions.
Excellent communication and interpersonal skills, with the ability to communicate technical concepts to non-technical stakeholders.
Ability to work effectively in a fast-paced environment and manage multiple tasks simultaneously.
