We are seeking a skilled Information Security Specialist to join our team in safeguarding digital infrastructure, applications, and data through proactive threat detection, secure system design, and incident response.
Key Responsibilities:
* Develop and maintain security infrastructure including firewalls, SIEM, endpoint protection, and cloud security tools.
* Conduct regular threat modelling, vulnerability assessments, and penetration testing to identify and mitigate potential risks.
* Monitor and respond to security incidents; lead investigations and root cause analyses to ensure prompt resolution.
* Design and implement security controls in cloud (Azure, AWS) and on-prem environments to ensure compliance with industry standards.
* Support compliance initiatives (e.g., ISO 27001, GDPR, NIS2) through audits and documentation to maintain regulatory adherence.
* Work closely with IT and DevOps teams to ensure secure development practices and integrate security into the software development lifecycle.
* Deliver security awareness and training initiatives across the organisation to promote a culture of cybersecurity.
* Evaluate new technologies and make recommendations to enhance security posture and reduce potential threats.
Required Qualifications & Skills:
* Bachelor's degree in Computer Science, Information Security, or related field.
* 5+ years of experience in a security engineering or related technical role.
* Strong knowledge of network security, application security, and cloud security best practices.
* Familiarity with SIEM tools (e.g., QRadar, Splunk, Sentinel), IDS/IPS, firewalls, and EDR platforms.
* Experience with scripting or automation (Python, Bash, PowerShell, etc.).
* Understanding of frameworks and standards (NIST, ISO 27001, CIS Controls).
* Excellent problem-solving skills and the ability to work independently and as part of a team.
* Security certifications such as CISSP, CISM, CEH, or Azure Security Engineer Associate.
* Experience working in regulated environments (insurance, banking).
* Familiarity with DevSecOps and secure CI/CD pipeline integration.
* Experience with risk management and business continuity planning.