Security Specialist

About The Position

Requirements

• Strong knowledge of cybersecurity principles, threat detection, vulnerability management, incident response, and security monitoring within enterprise environments.
• Working knowledge of networking, operating systems, identity and access management, endpoint security, cloud security concepts, and enterprise security controls.
• Experience using security technologies and tools, including SIEM platforms, EDR/XDR solutions, vulnerability scanning tools, email security solutions, and Microsoft security technologies within Azure environments.
• Ability to investigate security alerts and incidents, analyze logs and attack activity, prioritize remediation efforts, and support containment and recovery activities.
• Ability to support security governance and compliance initiatives, including control validation, audit support, documentation management, and alignment with frameworks such as NIST, CIS, ISO, SOC, CMMC, and FedRAMP.
• Strong analytical, organizational, and communication skills with the ability to document findings, escalate risks appropriately, collaborate across technical and business teams, and operate effectively within established security processes and procedures.
• Bachelor’s degree in Cybersecurity, Information Technology, or related field, or equivalent hands‑on experience
• 3 - 6 years of practical experience in information security operations
• Experience working in enterprise SOC, IT security, or infrastructure teams

Nice To Haves

• Relevant industry certifications preferred, such as CompTIA Security+, Certified Ethical Hacker (CEH), Microsoft Azure security certifications, Microsoft Purview certifications, or other comparable cybersecurity and cloud security credentials

Responsibilities

• Monitor, analyze, and support remediation of security vulnerabilities across enterprise systems, applications, endpoints, cloud environments, and network infrastructure.
• Assess and prioritize security findings, threats, and control gaps based on business risk, attack exposure, and operational impact.
• Support incident response activities, including alert triage, threat investigation, escalation, documentation, and coordination with technical teams.
• Monitor and evaluate the organization’s attack surface to identify exposed assets, misconfigurations, unauthorized access risks, and security weaknesses.
• Support security operations within Microsoft Azure environments, including monitoring and administration activities related to Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and related security technologies.
• Assist with endpoint, operating system, and network security initiatives, including configuration validation, compliance monitoring, access controls, firewall reviews, and device management activities.
• Support data governance and data security posture management initiatives, including data classification, labeling, access monitoring, and protection of sensitive information.
• Assist with implementation, validation, and documentation of security controls aligned with regulatory, compliance, and cybersecurity frameworks, including NIST, CMMC, ISO, SOC, CIS, and FedRAMP standards.
• Maintain and update security policies, procedures, standards, audit evidence, operational documentation, and compliance tracking records.
• Collaborate with engineering, infrastructure, data, and compliance teams to improve security posture, support secure adoption of AI technologies, participate in security assessments and tabletop exercises, and recommend continuous improvement opportunities.