IT Security Specialist
About this position
We are seeking an experienced IT Security Specialist to join our team and lead our cybersecurity. This role requires a highly skilled individual to design, implement, and maintain security strategies that protect our digital assets, ensure compliance, and reduce risk. The IT Security Specialist will collaborate with cross-functional teams to assess vulnerabilities, enhance security protocols, and ensure data protection across all digital channels.
Responsibilities
• Network Security Strategy Development: Design, implement, and manage enterprise-level security policies and protocols tailored to industry-specific needs, ensuring the protection of sensitive data and compliance with regulatory standards.
• Proactively monitor systems for security breaches, respond to threats, and conduct thorough vulnerability assessments and penetration tests.
• Incident Response and Recovery: Develop and execute incident response plans, ensuring timely and efficient mitigation and recovery in the event of security incidents.
• Compliance and Risk Management: Ensure compliance with relevant regulations and standards, such as ISO27100, or industry-specific protocols.
• Work closely with IT and business teams to implement secure systems and applications and provide ongoing security training to staff to foster a security-conscious culture.
• Security Technology Management: Oversee the management and maintenance of security technologies, including firewalls, IDS/IPS, antivirus systems, and data encryption.
• Vendor and Third-Party Risk Management: Evaluate and manage security risks associated with third-party vendors, ensuring that their security practices align with organizational standards.
Requirements
• At least 4 years of experience in IT security, with knowledge of offensive/defensive security.
• Expertise in security tools (firewalls, IDS/IPS, antivirus, etc.), security information and event management, and cloud security. Familiarity with endpoint protection, VPNs, and encryption technologies is essential.
• Strong understanding of network infrastructure and network hardware.
• Relevant security certifications such as CISSP, CISM, CISA, or equivalent.
• Strong problem-solving skills with a proven track record in threat detection, risk assessment, and vulnerability management.
• In-depth knowledge of compliance frameworks or industry-specific standards.
• Excellent verbal and written communication skills to effectively communicate security concepts to technical and non-technical audiences.