We are seeking an experienced Information Security Specialist responsible for end-to-end cybersecurity operations, including monitoring, protection, and risk management of organizational systems and data. Key Responsibilities 1. Security Operations (SOC / Analyst): Monitor SIEM/XDR, analyze logs, detect threats, investigate alerts, perform threat hunting, and escalate incidents. 2. Incident Response & Forensics: Manage full incident lifecycle (detect, contain, eradicate, recover), perform forensic analysis, identify root causes, and produce reports. 3. Security Engineering (Infrastructure): Design and secure networks/systems, manage firewalls, VPNs, IDS/IPS, endpoint protection, and implement hardening and zero-trust principles. 4. Vulnerability Management & Testing: Conduct vulnerability scans, risk assessments, penetration testing, and ensure remediation and patch management. 5. Identity & Access Management (IAM): Manage AD/Entra ID, enforce MFA and conditional access, review permissions, and apply least privilege principles. 6. Governance, Risk & Compliance (GRC): Conduct audits, ensure compliance (ISO 27001, NIST, internal policies), perform risk assessments, and enforce security policies. 7. Security Strategy & Consulting: Develop security strategies, advise management on risks, and align cybersecurity initiatives with business objectives. 8. Data Protection & Security: Implement DLP, encryption, email security, and ensure confidentiality, integrity, and availability of data. 9. Threat Intelligence: Monitor emerging threats, maintain IOCs, analyze attack trends, and map to frameworks like MITRE ATT&CK. 10. Security Awareness: Conduct user training, phishing awareness, and promote cybersecurity best practices across the organization. 11. System Security Maintenance: Ensure patching, updates, endpoint protection, and continuous improvement of security posture. Required Qualifications • Bachelor’s degree in Cybersecurity, IT, or related field. • 5+ years in cybersecurity or IT security. • Certifications (preferred): o CISSP o CEH o Security+ o SC-200 / SC-300 o OSCP Technical Skills • SIEM / XDR (Microsoft Defender, Sentinel) • Firewalls & network security • Windows Server & Active Directory • Cloud security (Microsoft 365 / Azure) • Vulnerability tools (Nessus, etc.) • Scripting Soft Skills • Strong analytical thinking • Incident handling under pressure • Professional reporting (technical & executive) • High confidentiality and integrity Work Conditions • On-call for incidents • High-responsibility role (critical infrastructure) • Access to sensitive systems and data Summary Responsible for full cybersecurity lifecycle including monitoring, defense, response, compliance, and strategic security implementation.