Cyber Security Specialist

Confidential
Jeddah, KSA
fulltime
Entry
Today

Full Job Posting

About The Role

We are looking for a Senior Cybersecurity Generalist to serve as our organization’s all-round security expert.

This is a hands-on, wide-ranging role for a practitioner who can move confidently across every major security domain — from configuring firewalls and tuning SIEM rules, to leading incident response, advising on compliance, and building a security-aware culture.

You will work across the business, operate independently, and bring both technical depth and clear communication to everything you do.

Penetration Testing & Vulnerability Management

  • Plan and execute penetration tests across network, application, and cloud environments; produce clear, risk-rated reports for technical and executive audiences.
  • Manage the full vulnerability lifecycle — scanning, prioritisation, remediation tracking, and re-validation.

Security Operations & Incident Response

  • Monitor and triage alerts across EDR, SIEM, and XDR platforms; lead incident response from containment through to post-incident review.
  • Develop and maintain incident response playbooks covering ransomware, phishing, insider threats, and data exfiltration.

Security Device Configuration

  • Configure and maintain next-generation firewalls (Palo Alto, Fortinet, or equivalent) — rulesets, threat prevention profiles, VPN, and SSL inspection.
  • Administer and tune SIEM (Microsoft Sentinel / Splunk), XDR/MDR platforms (Defender XDR, CrowdStrike, SentinelOne), and email security gateways.
  • Conduct regular rule base audits; validate firmware currency and HA configurations across all security appliances.

Identity & Access Management / Zero Trust

  • Manage identity platforms (Microsoft Entra ID, Okta, or equivalent); enforce MFA, Conditional Access, and least-privilege access controls.
  • Drive Zero Trust Architecture maturity — micro-segmentation, continuous verification, and privileged access management.

Cloud Security

  • Assess and improve cloud security posture (Azure, AWS, or GCP) using CSPM tooling; enforce CIS Benchmark controls and remediate misconfigurations.
  • Support secure architecture reviews for new cloud workloads and SaaS integrations.

Governance, Risk & Compliance

  • Maintain and enforce cybersecurity policies aligned to ISO 27001, NIST CSF, NCA, or CIS Controls; support audits and contribute to the risk register.
  • Conduct third-party and supply chain security assessments; report risk posture metrics to leadership.

Threat Intelligence & Threat Hunting

  • Operationalise threat intelligence feeds; map TTPs to MITRE ATT&CK and translate intelligence into detection improvements and hunting queries.
  • Conduct proactive threat hunts across SIEM and XDR telemetry to identify undetected attacker activity.

Application Security

  • Perform application security assessments against OWASP Top 10; support SAST/DAST integration into development pipelines.
  • Provide threat modelling and security guidance for new application development and API design.

Security Awareness & Culture

  • Design and deliver a security awareness programme including phishing simulations, targeted training, and executive briefings.
  • Champion security across the organisation — visible, accessible, and trusted by all business units.

What You Bring

  • 6+ years of hands-on cybersecurity experience spanning multiple domains — not limited to a single specialty.
  • Proven experience configuring and managing NGFWs, SIEM, and XDR/MDR platforms in a production environment.
  • Strong grasp of offensive security techniques balanced with a defender's mindset.
  • Fluency in at least one cloud platform (Azure, AWS, or GCP) from a security perspective.
  • Confident communicator — equally effective presenting to the board and working alongside technical teams.
  • Self-directed, intellectually curious, and current on the evolving threat landscape.

Certifications

One or more of the following is expected; breadth is valued over depth in a single track:

  • Bachelor’s in computer science / IT / Cybersecurity
  • CISSP, CISM, CEH, OSCP, CompTIA Security+ / CySA+
  • Fortinet NSE 4/7, FortiOS, FortiAnalyzer
  • ISO/IEC 27001 Lead Implementer, CCSP, CRISC — advantageous
