Responsibilities:
Cyber Incident and Forensic Investigation
- Lead and conduct thorough cyber incident investigations, ensuring proper analysis of threats and breaches.
- Perform forensic analysis to understand the scope of security incidents and assist in data recovery, evidence preservation, and reporting
SOC Incident Monitoring and Investigation
- Oversee Level 2/3 SOC operations to ensure the timely identification and resolution of security threats.
- Coordinate and lead incident response efforts across various security systems, managing escalations effectively.
Vulnerability Assessment and Penetration Testing (VA/PT)
- Conduct vulnerability assessments and penetration testing on networks, systems, and applications.
- Provide actionable recommendations for remediation of identified vulnerabilities and ensure security measures are implemented.
Endpoint Security Management
- Implement and manage endpoint security solutions including anti-malware, encryption, and troubleshooting of endpoint devices.
- Ensure that all endpoints are secured in compliance with company security policies.
Ethical Hacking and Security Testing
- Perform hands-on ethical hacking, including penetration testing and vulnerability assessments, to assess and enhance organizational security posture.
Qualifications:
- Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or equivalent certifications.
- CISSP (Certified Information Systems Security Professional) or equivalent certification is highly preferred.
- 5+ years of experience in cybersecurity, with hands-on experience in incident response, digital forensics, and security engineering.
- Demonstrated experience in managing security operations within a Level 2/3 SOC environment.
- Proven experience in vulnerability assessments, penetration testing, and remediation strategies.
- Expertise in endpoint security tools and anti-malware solutions.
- Strong experience in ethical hacking and penetration testing practices.
- Deep understanding of common attack vectors and security tools (e.g., SIEM, IDS/IPS, endpoint protection).
- Strong knowledge of encryption protocols and endpoint protection strategies.
- Familiarity with network security principles, firewalls, VPNs, and intrusion detection systems.
- Ability to clearly explain complex security issues and incident findings to non-technical stakeholders.
