I.T. SECURITY SPECIALIST
Job Summary
The IT Security Specialist plays a key role in defending the corporate network by protecting
information from unauthorized access and security breaches. This includes monitoring
and detecting abnormal activity, responding to potential threats, and analyzing security
risks. The specialist implements mitigation strategies, manages and maintains firewalls
and intrusion detection systems, and contributes to IT Security governance processes and
documentation, ensuring that all IT systems comply with RG security policies.
Relationships
Reports to: CTO (directly)
Works with: I.T. Operations Manager, End users; Information Technology staff
Responsibilities and Duties:
Security Audits & Risk Assessment:
- Perform security audits to identify any security breaches, assess potential risks, and uncover vulnerabilities within the corporate network (on-prem, cloud and hybrid).
- Document and analyze security breaches, focusing on protecting digital
assets and personal data, and develop strategies for mitigation and
repair.
- Maintain and improve the security posture of the group's Active Directory.
- Identify opportunities to enhance the organization's security posture.
Penetration Testing & Compliance:
- Review penetration testing results to identify weaknesses in the security
architecture, evaluate network designs, and ensure that the responsible
teams, including web and infrastructure, prioritize and remediate the
findings accordingly.
- Ensure network and system designs comply with security standards
(NIST CSF, ISO 27001), industry regulations, and privacy laws such as
GDPR and CCPA.
System Management & Maintenance:
- Administer and maintain security systems, including emails, firewalls,
anti-virus, and malware prevention solutions.
- Implement and manage digital rights management (DRM) systems and
encryption technologies to protect media content and sensitive
information.
Security Monitoring & Incident Response:
- Monitor networks and systems for abnormal activities, using SIEM/SOAR,
EDR and firewall tools (Darktrace, Splunk, Sophos, etc.), and respond
promptly to security events.
- Assist in developing and maintaining a Security Operations Centre (SOC)
focusing on incident response.
- Utilize OSINT, external monitoring tools and threat intelligence feeds to
identify threats targeting the organization's external attack surface,
including detecting breached credentials and other potential risks, to
proactively enhance security monitoring and response efforts.
Collaboration & Documentation:
- Collaborate with IT teams, business teams and third-party vendors to
address security concerns and incidents, ensuring the protection of digital
assets and data integrity.
- Document and report all security incidents to the IT Manager and CTO,
utilizing the incident response phases, emphasizing compliance with
industry-specific regulations.
- Prepare time-based operational and status reports for the CTO and company
board.
Continuous Learning:
- Stay updated on the latest cybersecurity trends, threats, and
technologies, with a focus on the industry's unique challenges, including
piracy prevention, social engineering, AI attacks and data privacy.
Other Duties:
Perform any other related tasks assigned by Technology Management.
Authority:
Recommend security policies and strategies tailored to the media industry.
Educate users on security policies and best practices, emphasizing cybersecurity
awareness and compliance with data protection laws.
Performance Standards
To be advised by supervisor
Job Specifications
Qualifications:
- 3-5 years in cybersecurity, focusing on network and systems security.
- Bachelor’s in Computer Science, IT, Cybersecurity, or related field.
- Certifications in CompTIA Security+, ISC2 CC, ISC2 SSCP.
- Additional Certifications (an asset) in Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), or other relevant certifications.
Technical Skills:
- Hands-on experience with modern security tools, such as next generation
firewalls, SIEM systems, OSINT and EDR solutions.
- Proficiency in Active Directory Security and Administration.
- Experience with modern security tools and cloud security (AWS, Azure, GCP).
- Experience with Zero Trust architecture, MFA implementation, and endpoint
protection strategies.
- In-depth knowledge of network protocols, encryption standards, and secure coding
practices.
- Experience with intrusion detection systems and network architecture including
switches and routers, UNIX, Linux, Host-based IDS, AES encryption.
- Knowledge of DRM systems, encryption standards, digital certificates, SSL-VPN,
IPSec, TCP/IP, DNS, and web security architecture specific to the media industry.
- Experience with security practices of Intranet and Extranet, network technologies
and with system, security, and network monitoring and security tools and
commands, software, and security architectures.
- Knowledge of protocols and databases relevant to the media industry, including
streaming technologies and content management systems. Others include:
SNMP, HTTP, HTTPS, SMTP, NTP, LDAP, Kerberos, RADIUS and SFTP,
and SQL databases such as MySQL and MS-SQL.
- Understanding of advanced security protocols, programming/scripting languages
(Java, Ruby, C#, Python, JavaScript, PHP, VB.NET, PowerShell), and secure
coding practices.
- Strong skills in: Teamwork; Analysing; Organising, Documenting; Critical thinking
and Problem-solving.
Working Conditions:
• Normal Hours: Mon-Fri 8:30 AM – 5:00 PM
• On Call: Mon-Fri 5:00 PM – 8:00 AM (next day), Weekends/Public Holidays (24 hrs)
Why Join Us?
✔ Work in a dynamic and collaborative environment.
✔ Play a vital role in shaping the organization's cybersecurity framework.
✔ Continuous learning opportunities in the evolving field of IT security.
🔎 Ready to make an impact? Apply today and be part of a team that protects what matters!