Description PURPOSE The main purpose of the Security Specialist is to enhance the organization's overall security posture by driving cyber maturity for security products, supporting the Security Operations Center (SOC) function, and managing security incidents. The specialist will engage with both internal and external resources to ensure the effective implementation and operation of security measures. You will engage with the following stakeholders: Business Unit Owners Chief Information Officer IT Risk Manager Enterprise Risk Manager IT Infrastructure team members Network team members Manager – End User Technology Internal Audit Systems Development team members External security vendors and partners Your key responsibilities include: Enhance Security Posture: Drive the overall cyber maturity of the organization's security products and practices to ensure a robust security posture. Conduct regular assessments and audits of security products to identify areas for improvement. Develop and implement strategies to enhance the effectiveness of security measures. Stay updated with the latest security trends, threats, and technologies to ensure the organization remains protected against emerging risks. Support SOC Function: Provide comprehensive support to the Security Operations Center (SOC) in monitoring, analyzing, and responding to security events and incidents. Ensure that all required services are connected to and monitored by the SOC. Assist in the development and maintenance of SOC processes and procedures. Collaborate with SOC analysts to investigate and resolve security incidents. Ensure the SOC has the necessary tools and resources to effectively monitor and respond to security threats. Incident Management: Lead the response to security incidents, including identification, containment, eradication, and recovery, ensuring minimal impact on business operations. Develop and maintain incident response plans and playbooks. Coordinate with internal and external stakeholders during incident response activities. Conduct post-incident reviews to identify lessons learned and implement improvements to prevent future incidents. Engage with External Resources: Develop and maintain relationships with external security vendors and partners to enhance the organization's security capabilities and ensure effective implementation and operation of security measures. Collaborate with external resources to stay informed about the latest security threats and best practices. Participate in industry forums and conferences to network with other security professionals and stay updated on industry developments. Manage service-level agreements with external security vendors to ensure the organization receives the best possible service. Implement Security Measures: Ensure the effective implementation and operation of security measures across the organization, collaborating with both internal and external resources. Develop and enforce security policies, standards, and procedures. Support the security awareness training for employees to ensure they understand and comply with security policies. Facilitate regular security assessments and penetration tests to identify and address vulnerabilities. Continuous Improvement: Identify and scope opportunities for improvement and innovation in security practices, contributing to the organization's strategic goals. Develop and implement a continuous improvement plan for the organization's security program. Monitor and evaluate the effectiveness of security measures and make recommendations for improvement. Foster a culture of continuous improvement within the security team and across the organization. Reporting and Dashboarding: Develop and maintain security dashboards to provide visibility into the organization's security posture. Generate regular reports on security metrics, incidents, and trends for management and stakeholders. Analyze security data to identify patterns, trends, and areas for improvement. Ensure accurate and timely reporting of security incidents and compliance with regulatory requirements. QUALIFICATION/KNOWLEDGE: Tertiary qualification or equivalent experience in computer science, information systems, or related technology infrastructure field. Security industry relevant certifications (e.g., CISSP, CISM, CISA, CompTIA Security, CEH). Understanding and application of the legislative and regulatory framework. Experience assessing, summarizing, and managing risk processes and methodologies in IT-related environments. Proficient with Microsoft Programs. Excellent written and verbal communication skills. EXPERIENCE 5 to 10 years in a large internal IT division or corporate IT company. Minimum 5 years experience in IT Infrastructure or related field. Sound background in technical/operational security. Good commercial/business experience. Excellent working knowledge of firewalling, intrusion prevention systems, proxies, gateways, network routing, switching, TCP/IP, Windows, Linux, virtualization (VMWare), penetration testing methodologies, security event and incident analysis, Unix scripting languages, databases, database security technologies, directory services (e.g., Microsoft Active Directory), security architectures, design, and protocols, and cryptography.