Senior Specialist, Cybersecurity

U Mobile

Kuala Lumpur

On-site

MYR 120,000 - 150,000

Full time

Yesterday

Job summary

A telecommunications company in Kuala Lumpur is seeking a Cyber Security Operations leader to oversee the security strategy and operations. This role involves managing a team of analysts, responding to incidents, and ensuring compliance with security policies. The ideal candidate will have strong expertise in cybersecurity management, cloud security, and incident response. This is a crucial role to mitigate risks and enforce security governance within the organization.

Benefits

Health insurance
Training and development programs

Qualifications

  • Proven experience in cybersecurity operations and management.
  • Strong knowledge of cloud security practices and tools.
  • Experience managing incidents and conducting digital forensics.

Responsibilities

  • Lead cybersecurity operations and manage a team of analysts.
  • Monitor and respond to security incidents effectively.
  • Develop and implement security controls for cloud platforms.

Skills

Cybersecurity strategy planning
Security operations management
Incident response
Cloud security
Vulnerability management
Communication skills

Education

Relevant degree in Cybersecurity or related field

Tools

Endpoint Detection & Response (EDR)
Cloud platforms (AWS, Azure, Google Cloud)
Security assessment tools

Job description

Job Summary

This role is for a Cyber Security Operations leader who will be responsible for planning, managing, and executing the overall security strategy. Key activities involve supervising a team of security analysts, overseeing day-to-day security operations like monitoring, troubleshooting, and incident response/forensics. The position also supports security governance, compliance, threat intelligence, and involves performing technical evaluations (POCs), as well as developing and delivering security awareness training.

Day-To-Day Activities
1. Security Operations and Troubleshooting
  • Assist the Cyber Security Operations Manager in planning, implementing, and managing the overall security operations strategy.
  • Supervise a team of security analysts and engineers, providing guidance, support, and training as needed.
  • Conduct regular security assessments, penetration testing, and vulnerability assessments to identify and mitigate risks.
  • In-depth knowledge of Endpoint Detection & Response (EDR/XDR) solutions.
  • Knowledgeable in IT networking, network security solutions, WAF, Privileged Access Management (PAM), and virtualization.
  • Technically capable of conducting POCs related to cybersecurity.
  • Capable of planning and managing multiple cybersecurity projects simultaneously.
  • Monitor security systems and tools, investigating and responding to security incidents in a timely manner.
  • Coordinate with cross-functional teams, departments, and divisions to ensure compliance with established security policies, standards, and procedures.
2. Cloud Security
  • Apply your knowledge of cloud platforms (e.g., AWS, Google Cloud, Azure) to develop and implement robust security controls and measures.
  • Work closely with the Cloud Operations team to ensure the security of cloud-based infrastructure, services, and applications.
  • Identify and address cloud-specific security risks, such as misconfigurations, data breaches, and unauthorized access.
  • Stay updated on the latest cloud security trends, emerging threats, and best practices to proactively address potential vulnerabilities.
3. Incident Response Handling and Forensics
  • Assist or lead and participate in incident response activities, including containment, eradication, and recovery.
  • Conduct digital forensics investigations to determine the root cause of security incidents and develop remediation plans.
  • Collaborate with internal stakeholders and external partners, such as law enforcement agencies, to address complex security incidents.
4. Support in Security Governance and Compliance
  • Assist in enforcing U Mobile security policies, standards, and procedures aligned with industry best practices and regulatory requirements.
  • Assist in periodic security audits and assessments to evaluate compliance with internal and external security standards.
  • Prepare and present reports or root cause analysis (RCA) on security metrics, incidents, and risks to senior management and relevant stakeholders.
5. Vulnerability Management & Threat Intelligence
  • In-depth knowledge of VAPT assessment: scanning, identifying, assessing, reporting on, managing, and remediating cyber vulnerabilities across endpoints, workloads, and systems.
  • Knowledge of cyber threat intelligence systems and the ability to discover, correlate, and take action on discovered threats to reduce company risks.
  • Unauthorized Device Hunting
  • Perform regular security scans to detect unauthorized devices on the network.
  • Verify device identity and usage, escalating suspicious findings for further management action.
  • Document and report unauthorized device incidents to senior management.
6. Security Operations Ticket Handling
  • Capable of 24x7 standby (on a rotational basis, if necessary) to handle security tickets.
  • Ensure timely response and closure of tickets within agreed SLA.
  • Escalate significant security events or incidents following established SOPs.
7. Technical Evaluation and Testing
  • In charge of performing proofs of concept (POC) on any technology related to cybersecurity.
  • Capable of creating a test matrix suitable for the U Mobile environment and writing detailed reports.
  • Work closely with technology providers / vendors and ensure the POC is completed within the required timeline.
8. Security Awareness and Training
  • Assist in developing and delivering security awareness programs to educate employees about security best practices and potential threats.
  • Conduct security training sessions for staff members to enhance their understanding of security protocols and procedures.
9. Documentation and Reporting
  • Maintain accurate records of security-related activities using internal systems or equivalent tools.
  • Prepare and submit reports with recommended actions on identified cybersecurity issues.
  • Support in updating security policies, standards, and procedures.