Information Technology Security Specialist

About the Role

This position is for a seasoned IT security professional who can help reinforce the organization’s cybersecurity defenses, safeguard technology assets, and support strong resilience against changing threats. The work centers on risk reviews, incident handling, regulatory alignment, and the ongoing enhancement of controls across both cloud-based and on-premises systems.

Core Responsibilities

• Own the organization’s IT security policy set, making sure the policies are put into practice and reviewed on a regular basis.
• Assist with security governance activities and coordinate with the IS Manager and internal audit teams.
• Make sure operations align with security requirements, regulatory obligations, and audit expectations.
• Oversee and administer security tools and supporting infrastructure across cloud and local environments.
• Review logs, carry out security checks, and ensure backups and access permissions remain protected.
• Identify, assess, and respond to security events, incidents, and unusual behavior.
• Watch for network intrusions using CND-related solutions such as IDS/IPS, SIEM, firewalls, and similar tools.
• Perform vulnerability reviews and security tests on systems and applications.
• Set up, maintain, and tune protective technologies including firewalls, antivirus, anti-spam, IDS/IPS, and VPN solutions.
• Maintain secure network settings and ensure changes follow approved change-management procedures.
• Work with external vendors, support proof-of-concept evaluations, and present outcomes to management.
• Draft technical incident reports and contribute to disaster recovery and business continuity planning.
• Track emerging threat trends and advise on appropriate risk-reduction measures.

Technical Background and Experience

• Deep understanding of IDS/IPS, SIEM platforms, and computer network defense toolsets.
• Practical experience with utilities such as Wireshark, Nessus, Kali Linux, Burp Suite, and Nmap.
• Background in SOC, CIRT, CERT, CSIRC, or IT audit-related environments is preferred.
• Working knowledge of key frameworks and standards including ISO 27001, NIST 800, and COBIT.
• Familiarity with Microsoft security products such as Defender for Endpoint, Azure Sentinel, Microsoft 365 Security, and Defender for Cloud.
• Experience with Azure Key Vault, HSM, and BYOK encryption methods.
• Strong administration and hardening capability for Windows operating systems.
• Exposure to firewalls, WAF, VPNs, antivirus tools, and broader network security controls.
• Hands-on familiarity with Cisco FTD, Palo Alto, Barracuda firewall platforms, and NAC solutions is an advantage.
• Experience managing SIEM environments, analyzing intrusions, and responding to malware or virus outbreaks.

Qualifications

• A bachelor’s degree in Computer Engineering, Information Technology, or a related discipline is required.
• Professional certifications such as CISSP, CISM, and CEH are preferred.
• Additional vendor certifications from Cisco, Palo Alto, F5, or Barracuda will be considered a plus.