• 1. Proactive Threat Management:

• Continuously monitor and assess the security of networks, systems, and applications to identify vulnerabilities.

• Implement and prioritize proactive security measures to mitigate risks and prevent security breaches.

• Stay updated on emerging threats and vulnerabilities, adjusting security protocols as necessary.

• 2. Incident Response and Management:

• Lead the detection, containment, eradication, and recovery efforts during cybersecurity incidents.

• Collaborate with Managed Service Provider (MSP) and Security Operations Center (SOC) teams to ensure effective incident response.

• Document, analyze, and refine incident response protocols based on lessons learned.

• 3. Cybersecurity Strategy Development:

• Design and implement a comprehensive cybersecurity strategy that evolves with emerging threats and industry trends.

• Conduct regular risk assessments and ensure the organization’s security posture remains robust and adaptable.

• Provide strategic input on system architecture to integrate security from the design phase onward.

• 4. Compliance and Audit Support:

• Ensure that cybersecurity policies and practices align with industry standards and regulatory requirements (e.g., NIST, ISO 27001, CIS Controls).

• Prepare and maintain documentation to support internal and external audits, demonstrating continuous compliance.

• Keep thorough records of all security activities and protocols to ensure audit readiness.

• 5. Security Architecture and Design:

• Play a key role in the architecture and design of secure systems and applications, ensuring that security is integrated from the ground up.

• Evaluate and recommend new security technologies and tools to enhance the organization’s security posture.

• Lead or participate in security architecture reviews for new and existing projects.

• 6. Threat Intelligence and Analysis:

• Monitor and analyze threat intelligence sources to stay ahead of potential threats and vulnerabilities.

• Integrate threat intelligence into the overall security strategy to ensure proactive defense measures are in place.

• Conduct in-depth analysis of attack patterns and methodologies to refine security controls.

• 7. Automation and Scripting:

• Develop and implement automation scripts to streamline repetitive security tasks, improving efficiency and accuracy.

• Utilize scripting languages (e.g., Python, PowerShell) to automate monitoring, incident response, and other security processes.

• Maintain and update automation tools to adapt to new security challenges.

• 8. Data Loss Prevention (DLP):

• Implement and manage Data Loss Prevention (DLP) solutions to protect sensitive data from unauthorized access or leaks.

• Develop and enforce policies and procedures to ensure the secure handling of data across the organization.

• Monitor DLP systems to identify and respond to potential data breaches or policy violations.

• 9. Third-Party Risk Management:

• Assess the security posture of third-party vendors and service providers to ensure they meet the organization's security requirements.

• Work with procurement and legal teams to include security clauses in contracts and service agreements.

• Conduct regular security assessments and audits of third-party vendors.

Required Qualifications:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Minimum of 4-5 years in a cybersecurity role, with proven experience in a mid to large-sized organization.
• Deep knowledge of cybersecurity frameworks (NIST, ISO 27001, CIS Controls).
• Hands-on experience with security tools and technologies (e.g., firewalls, IDS/IPS, SIEM, endpoint protection).
• Strong understanding of cloud security, particularly with Azure and AWS and environments.
• Extensive knowledge and working experience of Microsoft 365 Admin Centers (Entra ID, Intune, Exchange, Security, Compliance).
• Proven ability to manage and respond to cybersecurity incidents effectively.
• Proficiency in programming and scripting languages (e.g., Python, PowerShell).
• Excellent problem-solving skills with the ability to analyze complex security issues and devise effective solutions.
• Strong communication abilities, particularly in articulating security concepts to non-technical stakeholders.
• Experience working across departments to integrate security considerations into all areas of business operations.
• Expertise in vulnerability management and penetration testing, with a focus on prioritizing and addressing critical vulnerabilities.
• Experience in managing security projects, including planning, execution, and monitoring, with the ability to coordinate cross-functional teams.
• Experience with digital forensics and investigation, including the ability to analyze compromised systems and identify root causes.
• Familiarity with Zero Trust principles and the ability to design and implement a Zero Trust architecture within the organization.

Preferred Qualifications:

• CISSP, CCSP, CCSK, CASP+, CEH, OSCP, or other relevant certifications are highly desirable.

• $140,000 - $175,000 a year
• Attention external recruitment firms, we will not accept any unsolicited resumes at this time. Please do not contact any internal member of our company to discuss the position or to solicit candidates.
• 174 Power Global provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.
• www.174powerglobal.com