Senior Cybersecurity Specialist

At Jenny Barbour IT & Project Recruitment, we are seeking a highly skilled Senior Systems professional to join our team.

We are looking for a seasoned cybersecurity expert to lead the design, implementation, and maintenance of cybersecurity measures, identifying and mitigating potential vulnerabilities and threats. The ideal candidate will have a strong background in cloud security, endpoint security, application security, and vulnerability management.

• Systems Engineering: Implement, migrate, and fortify cloud infrastructure systems and platforms (AWS and Azure) to ensure robust security measures.
• Deploy, configure, administer, and harden: Windows core infrastructure services, O365, Active Directory, Azure AD, DHCP/DNS, DFS/CIFS, File, Print, desktop virtualization technologies (VmWare/ESXi/RDS), along with associated software and hardware infrastructure.
• Endpoint, Server, and Device Security: Evaluate and implement market-leading Endpoint Detection and Response Protection (EDR) solutions. Configure policies to ensure continuous scanning for vulnerabilities and compliance gaps and manage remediation plans. Implement robust security monitoring for Mobile Device Management Systems, ensuring the protection of mobile devices and sensitive company data.
• Application Security: Enhance and maintain Email Security services in accordance with best practices such as SPF, DKIM, and DMARC to bolster protection against email-based threats. Implement and maintain Data Loss Prevention (DLP) measures to prevent unauthorized data disclosure and protect sensitive information. Provide maintenance and support for Web Application Firewalls (WAF), Database firewalls, and Proxy systems to ensure comprehensive protection against cyber threats. Deploy and maintain Dynamic Application Security Testing (DAST) tools to identify security weaknesses and vulnerabilities.
• Vulnerability Management, Monitoring and Patch Management: Manage and optimize monitoring and detection tools, including Security Information and Event Management (SIEM) and Incident Detection Toolset (IDR). Configure and support External Attack Surface Management (EASM) tools for identifying and mitigating internet-facing risks. Deploy Honey Pot, Honey files, Honey Hashes, and Network Traffic Analysers for enhanced threat detection.
• Implement Security Orchestration, Automation, and Response (SOAR) workflows: Aligning with organisational policies. Maintain and configure SCAP compliant Vulnerability Management toolsets to scan all infrastructure to optimise CIS compliance.
• Review and implement Security Technical Implementation Guides (STIGs) and CIS/NIST recommendations: Based on risk appetite. Engage in threat modelling and analysis to pre-emptively identify and mitigate security risks and provide security governance during project and sprint stage gates.
• Configure systems to monitor key metrics and performance indicators: Across systems and infrastructure to support trend analysis and incident response.
• Identity, Authentication and Access Management: Collaborate on the design and implementation of Privileged Access Management (PAM), Identity and Access Management (IAM), and Identity Provider (IdP) systems in alignment with organisational security policies. Provide support and enforcement for Privileged Access Management (PAM) initiatives throughout the organisation.
• Data Protection and Cryptography (DPC): Support data protection and cryptography efforts including digital certificates and associated infrastructure.
• High Availability and Disaster Recovery: Implement comprehensive data backup solutions for hybrid cloud platforms and backup infrastructure to ensure the resilience and integrity of critical data assets. Provide support for Business Continuity Planning (BCP) and restoration activities to uphold the availability, confidentiality, and integrity of data assets during disruptive events.
• Incident Response: Develop and maintain incident response playbooks and procedures to address cybersecurity incidents effectively and offer prompt subject matter expertise and support within the Cybersecurity Incident Response Team (CIRT). Configure systems to collect forensic audit logs, identify Indicators of Compromise (IOCs), and provide necessary imaging support to ensure non-repudiation.

If you are a motivated and experienced cybersecurity professional looking for a new challenge, please click Apply to submit your interest for this role.