IT Security Specialist

Summary

The IT Security Specialist is crucial for protecting the corporate network from unauthorized access and security breaches. This involves monitoring and detecting abnormal activity, responding to potential threats, and analyzing security risks. The specialist will implement mitigation strategies, manage and maintain firewalls and intrusion detection systems, and contribute to IT Security governance processes and documentation, ensuring that all IT systems comply with corporate security policies.

Responsibilities

• Security Audits & Risk Assessment:

  • • Perform security audits to identify any security breaches, assess potential risks, and uncover vulnerabilities within the corporate network (on-prem, cloud, and hybrid).
  • • Document and analyze security breaches, focusing on protecting digital assets and personal data, and develop strategies for mitigation and repair.
  • • Maintain and improve the security posture of the group’s Active Directory.
  • • Identify opportunities to enhance the organization's security posture.

• Penetration Testing & Compliance:

  • • Review penetration testing results to identify weaknesses in the security architecture, evaluate network designs, and ensure that the responsible teams, including web and infrastructure, prioritize and remediate the findings accordingly.
  • • Ensure network and system designs comply with security standards (NIST CSF, ISO 27001), industry regulations, and privacy laws such as GDPR and CCPA.

• System Management & Maintenance:

  • • Administer and maintain security systems, including emails, firewalls, anti-virus, and malware prevention solutions.
  • • Implement and manage digital rights management (DRM) systems and encryption technologies to protect media content and sensitive information.

• Security Monitoring & Incident Response:

  • • Monitor networks and systems for abnormal activities, using SIEM/SOAR, EDR and Firewall tools (Darktrace, Splunk, Sophos etc.), and respond promptly to security events.
  • • Assist in developing and maintaining a Security Operations Centre (SOC) focusing on incident response.
  • • Utilize OSINT, external monitoring tools, and threat intelligence feeds to identify threats targeting the organization's external attack surface, including detecting breached credentials and other potential risks, to proactively enhance security monitoring and response efforts.

• Collaboration & Documentation:

  • • Collaborate with IT teams, business teams, and third-party vendors to address security concerns and incidents, ensuring the protection of digital assets and data integrity.
  • • Document and report all security incidents to the IT Manager and CTO, utilizing the incident response phases, emphasizing compliance with industry-specific regulations.
  • • Prepare time-based operational and status reports for CTO and company board.

• Continuous Learning:

  • • Stay updated on the latest cybersecurity trends, threats, and technologies, with a focus on the industry's unique challenges, including piracy prevention, social engineering, AI attacks, and data privacy.

• Other Duties:

  • • Perform any other related tasks assigned by Technology Management.

Required Skills

• • Hands-on experience with modern security tools, such as next-generation firewalls, SIEM systems, OSINT, and EDR solutions.
• • Proficiency in Active Directory Security and Administration.
• • Experience with modern security tools and cloud security (AWS, Azure, GCP).
• • Experience with Zero Trust architecture, MFA implementation, and endpoint protection strategies.
• • In-depth knowledge of network protocols, encryption standards, and secure coding practices.
• • Experience with intrusion detection systems and network architecture including switches and routers, UNIX, Linux, Host-based IDS, AES encryption.
• • Knowledge of DRM systems, encryption standards, digital certificates, SSL-VPN, IPSec, TCP/IP, DNS, and web security architecture specific to the media industry.
• • Experience with security practices of Intranet and Extranet, network technologies, and with system, security, and network monitoring and security tools and commands, software, and security architectures.

• Knowledge of protocols and databases relevant to the media industry, including streaming technologies and content management systems. Others include:

  • • SNMP, HTTP, HTTPS, SMTP, NTP, LDAP, KERBEROS, RADIUS, and SFTP, sequel databases such as mySQL, MS-SQL.
• • Understanding of advanced security protocols, programming/scripting languages (Java, Ruby, C#, Python, JavaScript, PHP, VB.NET, Powershell), and secure coding practices.

• Strong skills in:

  • • Teamwork; Analyzing; Organizing, Documenting; Critical thinking and Problem-solving.

Qualifications

• • 3-5 years in cybersecurity, focusing on network and systems security.
• • Bachelor’s in Computer Science, IT, Cybersecurity, or related field.
• • Certifications in CompTIA Security+, ISC2 CC, ISC2 SSCP.
• • Additional Certifications (an asset) in Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), or other relevant certifications.

Additional Information and Instructions

• Working Conditions:

  • • Normal Hours; Mon-Fri 8;30 AM – 5PM
  • • On Call Mon-Fri 5 pm – 8 AM (next day), Weekends/Public Holidays (24 hrs)

Why Join Us? ✔ Work in a dynamic and collaborative environment. ✔ Play a vital role in shaping the organization's cybersecurity framework. ✔ Continuous learning opportunities in the evolving field of IT security.

Share This Job