Job summary

The Cyber Security Specialist will assist the information security team in protecting the organization's information assets from cyber threats, with a specific focus on maintaining and improving the ISO/IEC 27001 Information Security Management System (ISMS). This role is ideal for a junior professional with a strong interest in cyber governance, compliance, and risk management.

Skills

Essential duties and responsibilities

Compliance and policy management: Support the information security team in day-to-day tasks related to the ISO 27001 framework. This includes maintaining ISMS documentation, records, and policies to ensure they are up-to-date and compliant with the standard.

Risk assessment and management: Assist with identifying, assessing, and documenting potential security risks and vulnerabilities. Support the implementation of controls and mitigation plans to address identified risks.

Audit support: Help coordinate evidence collection for internal and external audits related to ISO 27001. Track and follow up on any compliance tasks and remediation actions across departments.

Security monitoring: Monitor network traffic, logs, and security alerts for suspicious activity or security incidents. Escalate and assist in investigating security events as they occur.

Vulnerability management: Support vulnerability assessment and penetration testing activities on internal systems, applications, and networks. Assist with remediation efforts to fix identified weaknesses.

Security awareness and training: Contribute to the development and delivery of security awareness training programs for employees. Track completion and help foster a security-conscious culture.

Incident response: Participate in incident response activities and business continuity testing as directed by senior staff. Help to document incident details and remediation steps.

Reporting: Prepare and maintain reports documenting security metrics, incident summaries, and ISMS performance.
Qualifications

Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.

Experience: One year of experience in an information security, IT support, or risk management role, with exposure to security frameworks.

ISO 27001 knowledge: Basic understanding of ISO 27001 principles and its associated controls, risk assessment processes, and compliance practices.

Analytical skills: Strong analytical and problem-solving skills, with excellent attention to detail.

Communication: Excellent verbal and written communication skills to effectively collaborate with technical and non-technical stakeholders.

Technical foundation: Familiarity with network protocols, security controls (e.g., firewalls, access controls), and common security tools (e.g., SIEM, vulnerability scanners) is a plus.

Certifications (preferred): A relevant entry-level security certification, such as CompTIA Security+, or an introductory ISO/IEC 27001 certification.
IT Specialist • Jeddah, Saudi Arabia