Reports to:     Traffic & Security Team Manager

Our Client is a young, agile, and dynamic B2B service provider for many large reputable companies within the technology, betting, and gaming industries. The company has a fast-paced multinational culture and a fantastic opportunity for stepping up in your career and becoming an instrumental part of the team.

MAIN PURPOSE OF THE JOB

The Cyber Security Specialist will maintain strategies to prevent and detect malicious activities launched against the company’s digital assets by external threat actors. The Cyber Security Specialist will maintain the role of Subject matter expert on External Cyber Threats and act as a PoC for coordination with the SoC staff during incidents and investigations.

KEY RESPONSIBILITIES:

• Maintain and enhance processes and technologies that prevent and detect malicious activities launched against the company’s digital assets by external threats
• Implement, maintain and administer external threat Detection and Prevention Security Technologies such as: Intrusion Prevention and DDoS mitigation, Web Application Firewall (Cloud), Web Proxies, DNS monitoring (internal/external)
• Execute external Threat Solution engineering and technical architecture: Integrate technologies, maintain the security tooling, create and implement content\rules\triggers, troubleshoot tooling, create and optimize SoC workflows
• Proactively search for Anomalies and Trends in external threat behavior to detect suspicious activity across the company’s networks and servers
• Provide continuous training and knowledge base update to existing engineers on external threat detection and prevention and Incident Response
• Maintain the role of SME on External Threats and provide 2nd level support to SoC staff during Incidents and investigations
• Provide monthly reports on key incidents and trends relating to external threats to the relevant stakeholders
• Constantly assess current and future external threat strategies and technologies in relation to the company’s threat exposure

MINIMUM REQUIREMENTS:

• Bachelor’s degree in technical engineering or IT related field is an advantage
• Must have at least two of the following certifications:
• SANS SEC501: Advanced Security Essentials - Enterprise Defender
• SANS SEC503: Intrusion Detection In-Depth
• SANS SEC504: Hacker Tools, Techniques, Exploits and Incident Handling
• Cisco CCNA
• Military or Law Enforcement background preferred
• At least 10 years of system/network and/or application security experience, including active network and application intrusion prevention
• At least 6 years of experience with administering, tuning and configuring an Intrusion Prevention system and a Web Application Firewall
• At least 5 years of experience in leading and managing Cyber Security Incidents
• Detailed knowledge of network, Web and email related protocols (e.g., TCP/IP, UDP, IPSEC, SMTP, HTTP, HTTPS, routing protocols)
• Very detailed knowledge of system security vulnerabilities and remediation techniques
• Thoroughly knowledgeable in detecting anomalies or intrusions by using packet sniffers, FW access logs, Web server Access logs and operating system security logs
• Strong scripting skills (e.g., Perl, Python, Ruby, Shell script, JavaScript, PowerShell) required
• Experience using Agile methodology (e.g. Kanban or Scrum)
• Systematic problem-solving approach, coupled with strong communication skills and a sense of ownership and unmanaged drive
• Ability to work in a Team and works well under pressure and deadlines
• Ability to organize and manage multiple priorities
• Independent but collaborative, driven, assertive

COMPETENCIES AND SKILLS

• Strong problem-solving skills, critical thinking, excellent analytical ability, strong judgment and the ability to deliver high performance and high levels of customer satisfaction
• Adhering to Principles and Values
• Deciding and Initiating Action
• Must be able to work under extreme pressure
• Very high work ethics and personal integrity
• Discreet