Cybersecurity Expert Wanted

We are seeking a highly skilled Cybersecurity Specialist to design, implement, and manage the security architecture of our organization.

• Firewall Management & Network Security
  • Design, configure, and manage firewalls (Palo Alto, Fortinet, Cisco ASA, Check Point) to ensure secure network communication.
  • Deploy and maintain Web Application Firewalls (WAF) for web security (Cloudflare, Imperva, AWS WAF).
  • Implement Endpoint Detection & Response (EDR) solutions like Microsoft Defender for Endpoint, CrowdStrike, SentinelOne.
  • Conduct regular firewall rule audits, optimize configurations, and enforce Zero Trust principles.
• Microsoft Security Layer Implementation
  • Microsoft Email Security
    • Configure and manage Microsoft Defender for Office 365 to protect against phishing, malware, and email threats.
    • Implement Safe Links, Safe Attachments, and Anti-Phishing policies.
    • Monitor and respond to email security alerts in Microsoft Security Portal.
    • Conduct email security threat hunting using Defender for O365 and advanced hunting queries.
  • Microsoft Endpoint Security
    • Deploy and manage Microsoft Defender for Endpoint (MDE) to protect corporate devices.
    • Enforce attack surface reduction (ASR) rules for endpoint protection.
    • Configure endpoint compliance policies using Microsoft Intune.
    • Implement DLP (Data Loss Prevention) policies to prevent data exfiltration.
  • Compliance & Risk Management
    • Implement and monitor Microsoft Purview Compliance Manager for risk assessment.
    • Enforce Information Protection & Encryption Policies using Microsoft Purview.
    • Configure and manage Conditional Access Policies in Microsoft Entra ID.
    • Ensure compliance with security frameworks like ISO 27001, NIST, CIS, and GDPR.
  • Dark Web Monitoring & Brand Protection
    • Monitor dark web forums, marketplaces, and underground networks for stolen credentials, data leaks, and insider threats.
    • Implement dark web intelligence tools such as Recorded Future, Digital Shadows, or Microsoft Defender Threat Intelligence.
    • Work with threat intelligence platforms to detect and respond to brand impersonation, phishing sites, and fraudulent domains.
    • Collaborate with legal and compliance teams to enforce takedowns of malicious content.
  • Fraudulent Incident Investigation & Threat Hunting
    • Investigate fraud incidents, phishing attempts, and business email compromise (BEC).
    • Conduct forensic analysis on compromised endpoints, servers, and email accounts.
    • Develop and implement threat intelligence and threat hunting processes.
    • Work closely with SOC teams for incident response and mitigation.
  • VAPT & IT Security Operations
    • Perform Vulnerability Assessments & Penetration Testing (VAPT) on infrastructure, applications, and cloud environments.
    • Implement and manage intrusion detection/prevention systems (IDS/IPS).
    • Monitor, analyze, and mitigate vulnerabilities from external and internal security scans.
    • Work with teams to remediate vulnerabilities and harden IT assets.
  • IT Security & Compliance Management
    • Develop and enforce security policies, standards, and procedures.
    • Implement Zero Trust Architecture and IAM policies.
    • Conduct security awareness training and phishing simulations.
    • Ensure compliance with ISO 27001, NIST, CIS, PCI-DSS, GDPR, and other industry standards.

Requirements:

• Technical Skills:
  • Firewall & Network Security: Palo Alto, Fortinet, Cisco ASA, Check Point
  • Microsoft Security Stack: Defender for Endpoint, Defender for Office 365, Intune, Purview Compliance
  • Endpoint Security & EDR: Microsoft Defender, CrowdStrike, SentinelOne
  • WAF & Web Security: Imperva, AWS WAF, Akamai, Cloudflare
  • VAPT & Red Teaming: Burp Suite, Nessus, Metasploit, Kali Linux, OWASP ZAP
  • Siem & Threat Intelligence: Microsoft Sentinel, Splunk, QRadar, ELK Stack, MITRE ATT&CK
  • Cloud Security: Azure Security Center, AWS Security Hub, GCP Security Command Center
  • IAM & Zero Trust: Okta, Microsoft Entra ID, Conditional Access Policies, PAM
  • Dark Web & Brand Monitoring: Recorded Future, Digital Shadows, Microsoft Defender Threat Intelligence
• Soft Skills:
  • Strong analytical and problem-solving skills.
  • Excellent communication and stakeholder management abilities.
  • Ability to work independently and in cross-functional teams.
  • Proactive security mindset with attention to detail.
• Certifications (Preferred):
  • CISSP – Certified Information Systems Security Professional
  • CEH – Certified Ethical Hacker
  • OSCP – Offensive Security Certified Professional
  • CISM/CISA – Certified Information Security Manager/Auditor
  • Microsoft Certified: Cybersecurity Architect (SC-100)
  • Microsoft Certified: Security Operations Analyst (SC-200)
  • Microsoft Certified: Information Protection Administrator (SC-400)
• Experience Required:
  • 5+ years of experience in IT Security, Cybersecurity, and Threat Intelligence.
  • Hands-on expertise in firewall management, endpoint security, WAF, email security, and compliance.
  • Strong experience in fraud investigation, dark web monitoring, and brand protection.
  • Proven ability to secure cloud, hybrid, and on-premise environments.