Job summary
The Cyber Security Specialist will assist the information security team in protecting the organization's information assets from cyber threats, with a specific focus on maintaining and improving the ISO/IEC 27001 Information Security Management System (ISMS). This role is ideal for a junior professional with a strong interest in cyber governance, compliance, and risk management.
Skills
Essential duties and responsibilities
- Compliance and policy management: Support the information security team in day-to-day tasks related to the ISO 27001 framework. This includes maintaining ISMS documentation, records, and policies to ensure they are up-to-date and compliant with the standard.
- Risk assessment and management: Assist with identifying, assessing, and documenting potential security risks and vulnerabilities. Support the implementation of controls and mitigation plans to address identified risks.
- Audit support: Help coordinate evidence collection for internal and external audits related to ISO 27001. Track and follow up on any compliance tasks and remediation actions across departments.
- Security monitoring: Monitor network traffic, logs, and security alerts for suspicious activity or security incidents. Escalate and assist in investigating security events as they occur.
- Vulnerability management: Support vulnerability assessment and penetration testing activities on internal systems, applications, and networks. Assist with remediation efforts to fix identified weaknesses.
- Security awareness and training: Contribute to the development and delivery of security awareness training programs for employees. Track completion and help foster a security-conscious culture.
- Incident response: Participate in incident response activities and business continuity testing as directed by senior staff. Help to document incident details and remediation steps.
- Reporting: Prepare and maintain reports documenting security metrics, incident summaries, and ISMS performance.
Qualifications
- Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Experience: One year of experience in an information security, IT support, or risk management role, with exposure to security frameworks.
- ISO 27001 knowledge: Basic understanding of ISO 27001 principles and its associated controls, risk assessment processes, and compliance practices.
- Analytical skills: Strong analytical and problem-solving skills, with excellent attention to detail.
- Communication: Excellent verbal and written communication skills to effectively collaborate with technical and non-technical stakeholders.
- Technical foundation: Familiarity with network protocols, security controls (e.g., firewalls, access controls), and common security tools (e.g., SIEM, vulnerability scanners) is a plus.
- Certifications (preferred): A relevant entry-level security certification, such as CompTIA Security+, or an introductory ISO/IEC 27001 certification.