Cyber Security

The Cyber Security is responsible for designing, implementing, monitoring, and maintaining the organization’s cybersecurity controls and security infrastructure. This role ensures the confidentiality, integrity, and availability of company systems and data by protecting against cyber threats, responding to incidents, managing vulnerabilities, and enforcing security best practices across the IT environment.

• Monitor security systems such as SIEM, EDR/XDR, firewalls, IDS/IPS, and email security solutions.
• Detect, analyze, and respond to suspicious activities, alerts, and potential security incidents.
• Investigate security events and escalate critical incidents as required.
• Support the continuous improvement of threat detection use cases and alert tuning.

• Conduct regular vulnerability assessments and coordinate remediation efforts.
• Identify, assess, and prioritize security risks across servers, endpoints, applications, and network devices.
• Work closely with infrastructure and application teams to remediate vulnerabilities in a timely manner.
• Track remediation progress and provide risk-based reporting.

• Implement, configure, and maintain cybersecurity tools and technologies.
• Manage endpoint protection, DLP, MFA, VPN security, web filtering, and access control system.
• Ensure security systems are updated, optimized, and functioning properly.
• Evaluate and recommend new security technologies and tool.
• Participate in incident response activities including triage, containment, eradication, and recovery.
• Perform root cause analysis and document incident findings.
• Support digital forensic investigations when needed.
• Develop and maintain incident response procedures and playbooks.

• Apply security hardening standards for servers, workstations, network devices, and cloud resour.
• Support secure configuration baselines and system patching proces.
• Collaborate with IT teams to integrate security into infrastructure design and operational proces.
• Assist in the implementation of Zero Trust and defense-in-depth strateg.

• Support identity and access management controls, including privileged access and role-based access.
• Review user permissions and access rights to ensure compliance with least privilege princi.
• Assist in implementing and monitoring MFA, SSO, and identity governance solut.

• Support compliance with internal security policies, standards, and regulatory requirements.
• Assist in security audits, assessments, and control re.
• Participate in risk assessments and help define mitigation strat.
• Maintain evidence and documentation required for compliance and audit activ.

• Contribute to user awareness initiatives and promote cybersecurity best pra.
• Maintain accurate documentation of security tools, procedures, configurations, and incident r.
• Develop technical documentation, runbooks, and standard operating proced.
• Share knowledge with IT teams and support junior security staff when needed.

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (preferred).

• 3+ years of experience in cybersecurity, information security, or security engineerin g roles.
• Hands-on experience with security tools such as SIEM, EDR, firewalls, IDS/IPS, vulnerability scanners, and email security gateways.
• Experience in incident response, vulnerability management, and security mon.
• Familiarity with securing on-premises and/or cloud envir.

• Strong knowledge of cybersecurity principles, frameworks, and best p.
• Good understanding of network security, system security, endpoint protection, and identity ma.
• Familiarity with TCP/IP, DNS, VPN, routing, switching, and common attack te.
• Knowledge of vulnerability scanning and remediation p.
• Ability to analyze logs, alerts, and incidents eff.
• Understanding of operating systems security (Windows/Linux) and Active Directory envi.
• Strong troubleshooting, analytical, and problem-solvin g skills.
• Good communication and documentation skills.
• Ability to work collaboratively with cross-function teams.

• Security+ CEH (Certified Ethical Hacker) CySA+ SC-200 / SC-30 0 / AZ-500 Fortinet, Palo Alto, or other vendor-specific security cert.

• Proactive and security-minded with strong attention to detail.
• Able to work under pressure and respond effectively to security inc.
• Strong sense of ownership and accountability.
• Continuous learner with interest in evolving cybersecurity threats and te.
• Team player with a practical and solution-orient mindset.

• May require on-call support or flexible working hours for incident handling and critical secu.
• May participate in after-hours maintenance or emergency response activities.
• Primarily office-based with possible hybrid or remote support responsibilities…