Cyber Security Specialist at ADvTECH

Key Responsibilities:

Digital Certificate Management:

• Manage the lifecycle of digital certificates, including issuance, renewal, and revocation.

Security Posture Assessment:

• Regularly assess and enhance ADvTECH’s security posture based on Microsoft’s recommendations.
• Implement security configurations to improve the overall Secure Score.

Vulnerability Management:

• Analyse vulnerability scores to identify and prioritize weaknesses.
• Collaborate with teams to remediate vulnerabilities efficiently.
• Actively exploit vulnerabilities to assess potential impact and generate detailed reports.

Analytical Rules Monitoring:

• Collaborate with the SOC Team to implement and refine analytical rules in Microsoft Sentinel.
• Build and enhance workbooks for comprehensive reporting and visualization.

Remediation Coordination:

• Collaborate with IT teams to ensure timely and effective remediation of identified vulnerabilities.
• Track and consolidate remediation tasks and provide regular updates to stakeholders.

Password Policy Management:

• Administer and allocate user assignments for Last Pass activation.
• Review and update password policies based on emerging threats and industry standards.

Attack Surface Reduction:

• Design and implement ASR rules to minimize the attack surface on endpoints.

Security Baselines:

• Apply security baselines to enforce recommended security configurations on enrolled devices.

Threat Intelligence Integration:

• Incorporate threat intelligence feeds into Microsoft Defender.
• Customize threat analytics rules to align with ADvTECH’s threat landscape.

Incident Response & Threat Hunting:

• Escalate and consult on security incidents identified by Microsoft Defender.
• Conduct advanced threat hunting to proactively identify potential threats.

Open Source Monitoring:

• Continuously monitor open sources for indicators of compromise (IOCs).
• Utilize custom Onion Crawler to detect and analyse leaked credentials and exposed systems.

APT Forum Engagement:

• Engage in trusted APT forums to gather insights on potential threats.
• Monitor forums for discussions related to emerging threats and vulnerabilities.

SOCRadar & Flare Integration:

• Integrate SOCRadar into threat intelligence processes.
• Develop and maintain Onion Crawler that operates with Flare for deep and dark web monitoring.

Simulated Attacks & Vulnerability Assessment:

• Plan and coordinate simulated attacks with Pen-testing Vendors.
• Oversee regular vulnerability scans and analyse results for remediation.

Reporting:

• Compile monthly security reports and quarterly Steer com reports.
• Summarize findings from dark web monitoring and botnet activities.
• Document security risks, penetration testing outcomes, and security incidents.

Qualifications:

• Proven experience in cyber security, vulnerability management, and threat intelligence.
• Proficiency with Microsoft security tools (Microsoft Defender, Sentinel, etc.).
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.

Training & Development:

• Provide training to team members on MDE, BitLocker, and Patch Management systems.
• Assist the security team in managing daily cyber SOC tickets.