Cybersecurity Expert

YOUR TASKS

We are seeking a dedicated Cybersecurity Expert to join our team and help protect and continuously improve our organization’s security posture. In this role, you will monitor and defend our systems in real-time, lead incident response and threat hunting efforts, and drive strategic security enhancements. You’ll play a critical part in safeguarding company data and services from cyber threats. This is an exciting opportunity for a mid-level professional who enjoys both hands-on security operations and contributing to long-term security strategy. If you thrive on solving complex security challenges – from rapidly responding to incidents to proactively hunting for hidden threats – and want to make a real impact on our security maturity, we’d love to hear from you.

Key Responsibilities:

• Security Monitoring & Operations:
  • Monitor Security Information and Event Management (SIEM) dashboards and alerts to identify and analyze potential threats in real time.
  • Perform in-depth analysis of suspicious activities, anomalies, and malware indicators; triage security events and escalate incidents as appropriate.
  • Conduct regular vulnerability assessments and support penetration testing efforts to uncover security weaknesses, working with IT teams to remediate findings.
  • Support patch management by tracking critical vulnerabilities and verifying that systems and applications are updated in a timely manner to reduce exposure.
• Incident Response:
  • Investigate and contain cybersecurity incidents or breaches – coordinate actions such as evidence collection, digital forensic analysis (disk, memory, logs), and system recovery to minimize damage.
  • Lead post-incident analysis to determine root causes and create incident reports with actionable recommendations to prevent recurrence.
  • Develop and maintain incident response playbooks and procedures, ensuring they stay up-to-date with emerging threats and lessons learned from past events.
  • Coordinate with IT infrastructure, development, and business teams during incident response to ensure effective communication and swift resolution of issues.
• Threat Hunting & Digital Forensics:
  • Proactively hunt for threats lurking in our networks and systems that may evade automated defenses, by analyzing security logs, network traffic, and endpoint data for signs of malicious activity.
  • Develop hypotheses of potential attacker tactics (using frameworks like MITRE ATT&CK) and investigate those leads to uncover stealthy threats; create custom detection queries or scripts to support hunting operations.
  • Perform deep-dive forensic analysis on digital evidence (such as malware samples, system images, memory dumps) to extract indicators of compromise and understand attack techniques.
  • Continuously collaborate with the SOC team to integrate threat hunting findings into improved monitoring rules and to enhance overall incident detection capabilities.
• Security Architecture & Engineering:
  • Collaborate with IT to design and implement security enhancements across our networks, cloud environments, and applications (e.g., improving network segmentation, hardening configurations, deploying new security tools).
  • Evaluate new security technologies and tools (for example, advanced threat detection platforms or forensic tools), providing input on their potential value and overseeing pilot implementations.