The Cybersecurity & Risk Management Professional role is designed for security-focused professionals who are passionate about protecting enterprise systems, networks, and digital assets from evolving cyber threats. This position focuses on identifying security vulnerabilities, monitoring threat activities, managing risk mitigation strategies, and supporting incident response operations across complex IT environments.
Professionals in this role will collaborate closely with infrastructure teams, software engineers, network administrators, security analysts, and business stakeholders to strengthen organizational security posture and ensure compliance with cybersecurity best practices. The position involves monitoring security events, investigating suspicious activities, securing enterprise infrastructure, and implementing proactive defense mechanisms to minimize business risk.
The role provides hands-on exposure to Security Operations Center (SOC) activities, SIEM platforms, threat intelligence frameworks, incident response processes, network security technologies, endpoint protection solutions, and enterprise risk management practices. Candidates will work with modern cybersecurity tools and methodologies while contributing to threat detection, vulnerability management, security monitoring, and continuous security improvement initiatives.
This opportunity is ideal for professionals seeking to build expertise in cybersecurity operations, threat analysis, digital forensics, risk management, security architecture, and enterprise defense strategies while working within dynamic and technology-driven environments.
Roles & Responsibilities
- Monitor, investigate, and respond to security alerts generated by SIEM platforms and enterprise monitoring systems.
- Perform threat analysis, incident investigation, and root cause identification for security events and suspicious activities.
- Utilize Cyber Kill Chain, MITRE ATT&CK Framework, and threat intelligence methodologies to assess security risks.
- Manage and optimize security technologies including Firewalls, WAFs, IDS/IPS, Proxies, and Endpoint Protection solutions.
- Monitor Windows and UNIX/Linux environments to identify vulnerabilities, unauthorized changes, and security misconfigurations.
- Analyze network traffic, packet flows, and communication protocols across multiple layers of the OSI model.
- Investigate VPN, DNS, SNMP, and other network services to ensure secure and reliable operations.
- Support incident response activities including containment, eradication, recovery, and post-incident analysis.
- Identify security gaps, recommend remediation actions, and implement risk mitigation strategies.
- Monitor system logs, telemetry data, and security metrics to improve threat detection capabilities.
- Collaborate with infrastructure, development, and operations teams to strengthen security controls and compliance standards.
- Participate in Agile ceremonies including sprint planning, stand-ups, and technical review discussions.
- Develop and maintain security documentation, incident reports, security procedures, and operational guidelines.
- Conduct security assessments, vulnerability reviews, and compliance-related activities.
- Assist in implementing monitoring frameworks, logging solutions, and security analytics tools.
- Support continuous improvement initiatives for security operations, threat detection, and incident management processes.
- Research emerging cyber threats, attack techniques, and security technologies to improve enterprise defense capabilities.
- Contribute to security awareness, best practice adoption, and risk management initiatives across the organization.
- Maintain security standards, governance requirements, and operational security policies.
- Support automation initiatives to enhance security monitoring, reporting, and incident response efficiency.
Key Skills
- Cybersecurity Operations, Security Monitoring, and Risk Management
- SIEM Administration, Alert Investigation, and Incident Analysis
- Security Operations Center (SOC), Threat Detection, and Incident Response
- Cyber Kill Chain, MITRE ATT&CK Framework, and Threat Intelligence
- Firewall Management, Web Application Firewalls (WAF), and IDS/IPS Technologies
- Endpoint Security, Anti-Malware Solutions, and Security Controls
- Windows Security, UNIX/Linux Administration, and System Hardening
- Network Security, OSI Model Fundamentals, and Protocol Analysis
- DNS, VPN, SNMP, and Secure Network Communications
- Log Analysis, Security Analytics, and Telemetry Monitoring
- Vulnerability Assessment, Risk Identification, and Remediation Planning
- Digital Forensics, Root Cause Analysis, and Security Investigations
- Security Architecture, Infrastructure Protection, and Compliance Practices
- Cloud Security Fundamentals across AWS, Azure, and Google Cloud Platforms
- Security Automation, Python Scripting, and Bash Scripting
- Security Documentation, Audit Support, and Governance Standards
- Threat Hunting, Security Research, and Emerging Threat Analysis
- Analytical Thinking, Problem Solving, and Critical Decision-Making
- Communication Skills, Stakeholder Collaboration, and Reporting
- Continuous Learning, Security Awareness, and Technology Adaptability
Education
- Bachelor’s Degree in Cybersecurity, Information Technology, Computer Science, Information Security, Engineering, or related technical disciplines.
- Master’s Degree in Cybersecurity, Information Security, Computer Science, or a related field is an added advantage.
- Professional certifications such as CEH, Security+, GCIH, CISSP, CISM, or equivalent cybersecurity credentials are highly desirable.
- Candidates with relevant practical experience, security projects, and demonstrated technical expertise will also be strongly considered.