IT Security Specialist

The IT Security Specialist is responsible for implementing, monitoring, and maintaining the organization's cybersecurity framework to protect company assets, data, and systems. This role focuses on ensuring compliance with security standards, managing the asset lifecycle, vulnerability assessment, and continuously improving security posture across the organization. The IT Security Specialist will collaborate with IT teams and stakeholders to promote security awareness and enforce security policies.

Job Requirements:

Required

• Bachelor's degree in Information Technology, Cybersecurity, or related field, or equivalent work experience
• Strong knowledge of security frameworks (e.g., Cyber Essentials Plus)
• Experience with security monitoring tools, vulnerability scanning, and remediation
• Understanding of access control systems and multi-factor authentication
• Familiarity with asset management and endpoint protection systems
• Experience with Microsoft Defender and Intune or similar MDM solutions
• Knowledge of firewall configuration and management
• Excellent documentation and reporting skills
• Strong analytical and problem-solving abilities
• Good communication skills for conveying security concepts to non-technical stakeholders

Preferred

• Security certifications (e.g., CompTIA Security+, CISSP, CISM)
• Experience with cloud security in Microsoft 365/Azure environments
• Knowledge of mobile device security management
• Familiarity with compliance frameworks and audit processes
• Experience with security information and event management (SIEM) tools
• Understanding of encryption technologies and implementation

Job Responsibilities:

Asset Management & Compliance

• Implement and manage the asset suspension process for workstations (laptops and NUCs) that have been inactive for extended periods
• Ensure 95% of devices inactive for 30+ days are suspended within 24 hours
• Escalate devices inactive for 60+ days to IT Lead with recommendations for wiping and marking as lost/stolen
• Maintain accurate inventory of all managed devices, including status tracking in management systems
• Monitor and enforce encryption (BitLocker) on 100% of active and spare assets across all platforms (Windows, Android, iOS)

Security Monitoring & Response

• Review and respond to 100% of security alerts within SLA timeframes
• Perform weekly security alert checks and prepare monthly reporting
• Monitor and verify proper implementation of endpoint security solutions (Defender, IPS/Malware protection) with 98% coverage
• Conduct quality checks on newly onboarded devices for security compliance
• Identify and address security risks and vulnerabilities

Authentication & Access Management

• Enforce Multi-Factor Authentication (MFA) across all account types:
• 100% MFA implementation on guest accounts
• 100% MFA implementation on user accounts
• 100% MFA implementation on admin accounts
• 100% MFA implementation on company service accounts
• Manage AD accounts according to security best practices
• Ensure third-party access accounts are properly secured
• Eliminate generic admin accounts and properly manage specialized admin accounts

Vulnerability Management

• Conduct regular vulnerability scans across all active corporate devices
• Review scan results and create tickets for identified issues/risks
• Assess and report on risk scores, exposure levels, health status, and outdated operating systems
• Identify non-compliant assets and escalate to IT Directors/Leads for resolution
• Address unauthorized/BYOD devices according to company security policies

Firewall & Network Security

• Review firewall rules and document changes
• Maintain comprehensive documentation for firewall configurations
• Assist with network intrusion prevention monitoring
• Review IPS reports for critical activities

Security Compliance & Documentation

• Support maintenance of Cyber Essentials Plus certification
• Ensure all security documentation is properly organized and accessible
• Contribute to the annual review of the Cyber Incident Response Plan
• Participate in security review meetings and document action items
• Track and follow up on security activities

Mobile Device Management

• Ensure 98% of mobile devices are up-to-date and compliant with security policies
• Verify all enrolled devices are running the latest operating systems per Cyber Essentials Plus requirements
• Monitor device check-ins and activity
• Reconcile mobile device tracking between management systems
• Enforce BYOD policies to prevent unauthorized access to company systems

Meeting & Reporting

• Prepare for and participate in monthly Security Review Meetings
• Contribute to security agenda items and interactive reporting
• Provide updates on security activities, compliance status, and issue resolutions
• Support the annual Network & Security Policies review meeting
• Document and track action items from security meetings