GRC Specialist

Job Summary:

The L2 Security Specialist will take a proactive role in threat hunting, security assessments, and improving defensive measures. This role involves deeper technical analysis, security tool management, and incident response.

Key Responsibilities:

• Perform Data Discovery & Classification to enforce data protection policies.
• Manage File Upload Security Solutions to prevent malware and data leaks.
• Conduct Attack Surface Management ( ASM) to reduce exposure to threats.
• Execute Breach & Attack Simulation (BAS) and assist Red Team operations.
• and analyze Phishing Simulation campaigns to improve security awareness.
• Implement and audit Active Directory (AD) Security controls.
• Lead IT Governance, Risk & Compliance (GRC) initiatives (e.g., ISO 27001, NIST).
• Deploy and analyze Decoy (Honeypot ) systems to detect advanced threats.
• Administer Mobile Device Management (MDM) security policies.
• Ensure Secure Data Backup & Recovery (Ransomware Protection) effectiveness.
• Configure and maintain Network Access Control (NAC) solutions.

Required Skills & Qualifications:

• 35 years of experience in cybersecurity operations.
• Hands-on experience with SIEM, BAS, ASM, and NAC tools.
• Strong knowledge of phishing, ransomware defense, and AD security.
• Experience in GRC frameworks (ISO 27001, NIST, GDPR) .
• Familiarity with honeypots, incident response, and threat intelligence.
• Certifications like CISSP, CISM, OSCP, or CASP+ preferred.