Security Specialist
Information Technology

MINIMUM QUALIFICATION & REQUIREMENT
• Degree in Cybersecurity, Network Security, or a related field with minimum 5 years of work experience in IT security, cybersecurity, network security or a relevant field, including 3 years of experience in a senior security role managing security operations, governance, or technical security implementations.
• Experience will be considered only upon submission of an official reference letter explicitly stating the duration of employment.
• Preference will be given to candidates who have professional certifications such as CISSP, CISM, CEH, OSCP, or GIAC

OVERALL SCOPE
The Security Specialist ensures the security and resilience of the organization's IT infrastructure, networks, applications, and software development activities. This role collaborates with development, infrastructure, and operations teams to integrate security best practices, enforce secure configurations, and protect critical assets.

SCOPE OF WORK
• Develop and implement a cybersecurity governance framework aligned with IT governance.
• Lead and manage a cybersecurity team responsible for internal security operations.
• Conduct continuous security risk assessments for IT systems, applications, and networks.
• Oversee threat intelligence, penetration testing, and vulnerability scanning to preemptively address risks.
• Define and execute incident response protocols for data leaks, cyberattacks, and security breaches.
• Implement Endpoint Detection & Response (EDR) solutions for continuous monitoring.
• Enforce privileged access management (PAM) for IT administrators and critical systems.
• Monitor and review administrative activities to detect anomalies and prevent insider threats.
• Implement auditing mechanisms for system logs, access control, and administrative actions.
• Securing Cloud hosted applications internal and external environments.
• Work closely with development teams to integrate security throughout the software development lifecycle, enforcing secure coding practices and mitigating risks from design to deployment.
• Security automation & compliance by automating security processes such as vulnerability scanning, application security testing, and compliance enforcement to ensure consistent security standards.
• Implement and manage secure authentication mechanisms, such as oauth, sso, mfa, and access control policies across applications and IT systems.
• Ensure data protection & encryption by establishing secure storage, transmission, and handling of sensitive information through encryption, tokenization, and data protection frameworks.
• Develop and implement incident response plans for handling cyber threats, security breaches, and vulnerabilities, ensuring timely resolution and mitigation.
• Provide training and guidance to it and development teams on secure coding practices, emerging security threats, and risk management strategies.
• Work alongside network, infrastructure, and cybersecurity teams to align security strategies with overall IT objectives and business needs.

JOB SKILLS AND SPECIFICATIONS
• Strong understanding of security protocols, cryptography, authentication, authorization, and access control mechanisms, including PKI, OAuth, SSO, MFA, IAM, and Zero Trust frameworks.
• Hands-on experience with threat detection, vulnerability assessment, penetration testing, and risk mitigation strategies, along with expertise in SIEM, IDS/IPS, endpoint security, and security automation tools.
• Proficiency in firewalls, cloud security (AWS, Azure), network segmentation, and secure configurations to safeguard enterprise IT environments.
• Experience in integrating security into SDLC, enforcing secure coding practices, conducting SAST/DAST testing, and securing CI/CD pipelines.
• Expertise in incident detection, response, and recovery, including forensic investigations, malware analysis, and implementation of Security Incident and Event Management (SIEM) solutions.
• Experience in administering network security related tools, PAM and endpoint protection (EDR, XDR) solutions.Experience and knowledge on network security platforms including enterprise firewall policy and configuration deployments.
• Knowledge of cybersecurity regulations, risk management frameworks, and industry standards such as ISO 27001, NIST, GDPR, PCI-DSS, and government cybersecurity policies.
• Ability to lead security initiatives, work cross-functionally with IT teams, and provide cybersecurity training and awareness to strengthen the organization’s security posture.
• Leadership experience in managing information /cyber security and managing a security team.
• Establish and maintain different Network Security platforms.
• Strong Knowledge in Network, security, routing, configurations
• Strong knowledge in Operating Systems, Virtualization, Computing, Enterprise storage systems, open source, networking technologies and cloud technologies
• Knowledge and understanding of different MSSQL & MySQL databases.
• Knowledge and understanding azure networking and security related configurations
• Project Management Skills – Good planning, scheduling, and analytic skills.
• Strong Analytical and problem-solving skills.
• Excellent communication and interpersonal skills.
• Ability to work independently and as part of a team.
• Ability to handle high-stress situations and make decisions under pressure.
• Continuous learning attitude to keep up with the evolving cybersecurity landscape.

SALARY PACKAGE
Negotiable based on education qualification and experience.

REQUIRED DOCUMENTS
• Educational Certificates
• Job reference letters
• NID card
• CV

EMPLOYMENT TYPE
Contractual (Initially offered a one-year contract, decision to offer a permanent placement will be decided upon completion of initial contract).

Apply via: https://jobs.hdc.mv 
Deadline: 11th May 2025, 14:00hrs
For Further Information: 3353535 or call center hotline: 1516