Cybersecurity Specialist

Job Title: Cybersecurity Specialist

About the Role:

We are seeking a highly skilled and experienced Cybersecurity Specialist to join our team at FDH Aero. As a key member of our security team, you will play a pivotal role in ensuring the confidentiality, integrity, and availability of our IT infrastructure.

Responsibilities:

• Implement and monitor security tools to ensure optimal configuration and performance.
• Manage and monitor security tools and solutions, such as SIEM, SOAR, vulnerability scanners, and penetration testing tools.
• Evaluate and recommend new security tools to enhance the organization's security posture.
• Address detected vulnerabilities promptly and devise strategic remediation plans.
• Conduct regular vulnerability scans using tools like Nessus, Qualys, or Rapid7 to identify and mitigate risks.
• Analyze vulnerability scan results and prioritize remediation efforts based on risk.
• Lead incident response efforts and coordinate organizational response strategies using tools like Splunk, ELK, or Sumo Logic.
• Conduct thorough investigations into security incidents and events using forensic tools and techniques.
• Analyze logs, network traffic, and other data to identify the root cause of incidents.
• Implement and configure SIEM tools like Splunk, QRadar, or ArcSight to monitor security events and generate alerts.
• Tune SIEM rules and correlation engines to minimize false positives and ensure effective detection of threats.
• Collaborate with the Engineering and Ops teams to respond to security alerts and investigate potential incidents.
• Conduct regular penetration tests using tools like Metasploit, Kali Linux, or Cobalt Strike to identify vulnerabilities and assess the effectiveness of security controls.
• Perform red team exercises to simulate real-world attack scenarios and test the organization's ability to detect and respond to threats.
• Analyze the results of penetration tests and red team exercises to identify areas for improvement and develop remediation plans.

Basic Qualifications:

• Bachelor's degree in information technology, computer science, or a related field.
• Preferred certifications: SSCP, CompTIA Security+, CISSP, GIAC.
• At least 10 years of experience in information security and technology.
• Familiarity with security frameworks and standards (CMMC, CIS, NIST).
• Experience with SIEM and SOAR technologies.
• Proficiency with cloud security in SaaS/IaaS/PaaS environments, particularly Azure.
• Expertise in endpoint security, secure web gateways, and application firewalls.
• Strong foundation in IT operations and continuous improvement practices.
• Advanced knowledge of network security and protocol analysis.
• Strong understanding of IDS/IPS, penetration, and vulnerability testing.
• Experience with Azure Government Cloud Community (GCC) High and FedRAMP is a plus.
• Strong programming and scripting skills (e.g., Python, Bash, PowerShell) for automating security tasks and developing custom solutions.
• Comfortable with some of the most widely used open-source security tools like Nmap, Wireshark, OWASP ZAP, Metasploit, Burp Suite, OpenSCAP, sqlmap, Scapy CrackStation, Aircrack-ng, Jok3r, etc.

Estimated Salary: $120,000 - $180,000 per year.