Cybersecurity Specialist

Main purpose statement

The Cyber Security Specialist is responsible for various tasks, including specifying the parameters that the security solutions require to function properly, contributing to the engineering of the security solutions, carrying out operations with the support of the security solutions, operating the security solutions in functional and technical terms, and providing help and support to users.

Key responsibilities

Business enablement

Cloud computing

• Developing and implementing multi-cloud architecture to facilitate seamless integration across diverse cloud platforms
• Managing and overseeing Cloud Security Posture Management (CSPM) to uphold a secure cloud ecosystem
• Assuming ownership and responsibility for security incidents while implementing robust incident response procedures
• Integrating cloud logs and APIs to enhance visibility and security monitoring
• Deploying virtualised security appliances to fortify cloud infrastructure
• Securing cloud-native applications and establishing secure communication between containers
• Implementing security measures for service mesh and microservices to bolster overall cloud security
• Safeguarding serverless computing environments

Processes

• Managing HR processes related to onboarding and termination with a stringent focus on upholding security protocols
• Collaborating with business partners to embed security measures into all operational processes
• Assessment of emerging technologies such as quantum, cryptography, GenAI, blockchain, etc.
• Evaluating and analysing the security implications of emerging technologies to proactively fortify security measures

Developing and implementing security architecture 

• Application protection
• Implementing robust security measures to safeguard critical applications from potential threats
• Cloud/Hybrid/Multiple Cloud Vendors
• Designing and implementing secure architectures for cloud and hybrid environments while ensuring the security of multiple cloud vendors
• Multi-Cloud architecture
• Designing and implementing comprehensive security measures for multi-cloud architecture to ensure seamless operations across various cloud platforms

Risk Management

• Conducting comprehensive code reviews and utilising Static Application Security Testing (SAST) to identify and mitigate potential vulnerabilities

Ensuring security operations resilience through threat prevention 

• Application Security
• Establishing and enforcing robust application development standards to ensure secure software development
• Providing extensive training and conducting regular reviews to promote secure coding practices
• Performing thorough application vulnerability testing and addressing any identified issues
• Implementing File Integrity Monitoring (FIM) to uphold the integrity of critical files and data
• Integrating security measures into the Software Development Life Cycle (SDLC) and ensuring secure project delivery
• Maintaining an updated inventory of open source components and implementing source code supply chain security measures
• Ensuring the security of APIs to prevent unauthorised access and data breaches

Data Security

• Implementing robust security measures to protect unstructured and structured data, both on-premises and in the cloud
• Maintaining Data Loss Prevention (DLP) measures to prevent unauthorised data disclosure

Patching

• Implementing effective patch management processes to address security vulnerabilities in a timely manner

Ensuring security operations resilience through threat prevention involving

• SOC Operations
• Integrating security measures into DevOps practices to ensure secure development and operations

Use of AI, GenAI and Data Analytics

• Leveraging Artificial Intelligence (AI), GenAI capabilities, and Data Analytics to enhance physical security through computer vision, log anomaly detection, and machine learning model training and retraining

Automation and Analytics

• Implementing automated patching processes to ensure timely patch management
• Integrating security tools into Continuous Integration/Continuous Deployment (CI/CD) pipelines to enforce secure development practices
• Automating threat-hunting processes to identify and mitigate potential security threats proactively
• Automating risk scoring to prioritise and address security vulnerabilities effectively
• Automating asset inventory to maintain visibility and control over organisational assets
• Implementing security infrastructure as code to maintain consistent and secure infrastructure configurations
• Automating API inventory to manage and secure APIs effectively
• Automating risk register to maintain a comprehensive overview of security risks
• Automating security metrics to track and analyse the effectiveness of security measures
• Timely and proficient handling of security breaches, employing rapid response protocols and comprehensive remediation strategies.
• Methodically testing and assessing security products to guarantee alignment with specific operational requirements and standards.
• Compiling comprehensive reports meticulously documenting security incidents and the corresponding course of action.
• Research cutting-edge security technologies and proactive strategies to ensure current and proactive protection against evolving threats.

Key competencies

• Ability to problem solve and think creatively
• Possess business skills eg. IT knowledge, infrastructure, development, production operations steering and IT security and cybersecurity 
• Ability to work in a team and collaborate 
• •Ability to faciliate meetings, training etc.
• Creating specifications and conducting technical and operational reviews.
• Implementing and engineering solutions, including deployment, configuration, and testing.
• Managing operations, changes, and incidents.
• Conducting operations using security solutions such as IAM, DLP, DSPM and TPRM.
• Providing support and guidance to entities for installing and operating security solutions.
• Designing and producing indicators, reporting documents, and reports on the performance of security solutions.
• Implementing warranties such as alerts and controls.
• Leading working groups.
• Creating user, technical, and operational documentation.

Qualifications, skills and experience 

• Bachelor's degree in Computer Science, Information Technology or Cybersecurity
• Industry Certification will be advantageous (CompTIA, ISC2, etc.)
• Vendor Certification will be advantageous (Fortinet, Cisco, Microsoft, etc.)
• At least ten years experience in a technical hands-on administrative or engineering role responsible for cybersecurity toolsets including IAM, PAM, firewall, MFA, MDM, endpoint protection, vulnerability scanning, AD, Windows OS, Linux OS, network and Wi-Fi administration