Senior Cybersecurity Specialist

As a seasoned cybersecurity professional, you will be responsible for designing, implementing and managing the security architecture of our organization. Your primary focus will be on securing IT infrastructure, conducting risk assessments, ensuring compliance and implementing Microsoft security layers to strengthen the organization's security posture.

• Design, configure and manage firewalls, deploy and maintain Web Application Firewalls (WAF), implement Endpoint Detection & Response (EDR) solutions and conduct regular firewall rule audits.
• Implement Microsoft Email Security, including configuring and managing Microsoft Defender for Office 365, implementing Safe Links, Safe Attachments and Anti-Phishing policies, monitoring and responding to email security alerts and conducting email security threat hunting.
• Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices, enforce attack surface reduction (ASR) rules for endpoint protection, configure endpoint compliance policies using Microsoft Intune and implement DLP (Data Loss Prevention) policies to prevent data exfiltration.
• Implement and monitor Microsoft Purview Compliance Manager for risk assessment, enforce Information Protection & Encryption Policies using Microsoft Purview, configure and manage Conditional Access Policies in Microsoft Entra ID and ensure compliance with security frameworks like ISO 27001, NIST, CIS and GDPR.
• Monitor dark web forums, marketplaces and underground networks for stolen credentials, data leaks and insider threats, implement dark web intelligence tools, work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites and fraudulent domains and collaborate with legal and compliance teams to enforce takedowns of malicious content.
• Investigate fraud incidents, phishing attempts and business email compromise (BEC), conduct forensic analysis on compromised endpoints, servers and email accounts, develop and implement threat intelligence and threat hunting processes and work closely with SOC teams for incident response and mitigation.
• Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications and cloud environments, implement and manage intrusion detection/prevention systems (IDS/IPS), monitor, analyze and mitigate vulnerabilities from external and internal security scans and work with teams to remediate vulnerabilities and harden IT assets.
• Develop and enforce security policies, standards and procedures, implement Zero Trust Architecture and IAM policies, conduct security awareness training and phishing simulations and ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR and other industry standards.

• Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point
• Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance
• Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne
• WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare
• VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP
• SIEM & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK
• Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center
• IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM
• Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence

• Strong analytical and problem-solving skills
• Excellent communication and stakeholder management abilities
• Ability to work independently and in cross-functional teams
• Proactive security mindset with attention to detail

Certifications (Preferred, but not mandatory):

• CISSP – Certified Information Systems Security Professional
• CEH – Certified Ethical Hacker
• OSCP – Offensive Security Certified Professional
• CISM/CISA – Certified Information Security Manager/Auditor
• Microsoft Certified: Cybersecurity Architect (SC-100)
• Microsoft Certified: Security Operations Analyst (SC-200)
• Microsoft Certified: Information Protection Administrator (SC-400)

• 5+ years of experience in IT Security, Cybersecurity and Threat Intelligence
• Hands-on expertise in firewall management, endpoint security, WAF, email security and compliance
• Strong experience in fraud investigation, dark web monitoring and brand protection
• Proven ability to secure cloud, hybrid and on-premise environments