Position: Security Specialist (Junior 3-5 years) Med Senior (5-8 years) Senior (More than 8 years)

Location: Damascus (Onsite)

Employment Type: Full-time

Department: IT Department

Job Summary:

The Security Specialist will be responsible for implementing and managing security measures to protect the organization’s information systems and data. This role involves monitoring antivirus endpoints, conducting penetration testing, integrating security measures in a hybrid IT environment, and managing firewalls. The role requires a proactive approach to identifying potential threats and ensuring compliance with security policies and regulations.

Key Responsibilities:

• Security Implementation and Management:

o Implement and manage security controls to protect IT infrastructure, including networks, systems, and applications.

o Conduct regular penetration testing to simulate potential attacks and identify vulnerabilities.

o Configure and maintain security appliances such as firewalls, intrusion detection/prevention systems (IDS/IPS), and anti malware solutions.

• Firewall Management:

o Configure, manage, and monitor firewall systems to ensure network security and integrity.

o Create and maintain firewall rules and policies to protect against unauthorized access and threats.

o Troubleshoot and resolve firewall-related issues and ensure that security controls are properly enforced.

• Endpoint Security:

o Monitor and manage antivirus solutions and endpoint protection systems to ensure comprehensive coverage and threat detection.

o Respond to and investigate endpoint security alerts, ensuring timely remediation of threats.

• Hybrid Environment Security Integration:

o Design and manage security measures for hybrid IT environments, integrating on- premises and cloud-based resources.

o Ensure secure communication and data protection across hybrid environments.

o Implement and manage security policies and controls for cloud platforms, particularly

Microsoft Azure.• Incident Response and Investigation:

o Monitor security alerts and respond to security incidents in a timely manner.

o Conduct investigations into security breaches and incidents, including analyzing results from penetration tests.

o Develop and maintain incident response plans and procedures.

• Risk Management and Compliance:

o Assess and manage security risks associated with IT systems and processes.

o Ensure compliance with relevant regulations and industry standards (e.g., GDPR, HIPAA, PCI-DSS).

o Implement and enforce security policies, including data protection, access controls, and secure system configurations.

• Monitoring and Reporting:

o Monitor network and system activity using security information and event management (SIEM) tools.

o Generate and review security reports, including findings from penetration tests, endpoint security monitoring, and firewall logs, to provide insights into security posture and incident trends.

o Recommend improvements based on security monitoring, vulnerability assessments, and penetration testing.

• Documentation and Training:

o Create and maintain comprehensive documentation for security policies, procedures, and incident reports.

o Provide security awareness training and guidance to employees and stakeholders.

o Stay up-to-date with emerging security threats, technologies, and best practices.

• Collaboration and Support:

o Collaborate with IT teams to integrate security measures into systems and processes.

o Provide support and guidance for security-related issues and projects.

o Work with external vendors and partners to assess and manage security risks.

Qualifications:

• Experience:

o At least 3-5 years of experience in a security-focused role or related field.

o Hands-on experience with monitoring and managing antivirus and endpoint protection systems.

o Proven experience with penetration testing and vulnerability assessments.

o Experience with configuring, managing, and monitoring firewall systems.

o Experience with security measures for hybrid IT environments that include both on- premises and cloud resources.

• Skills:

o Strong knowledge of security protocols, threat landscape, and risk management practices.

o Experience with security technologies and tools such as firewalls, IDS/IPS, and SIEM systems.

o Familiarity with regulatory requirements and compliance standards (e.g., GDPR, HIPAA, PCI-DSS).

o Proficiency in integrating security measures across hybrid environments and cloud platforms.

• Certifications:

o Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, or similar are preferred.

• Soft Skills:

o Excellent problem-solving and analytical skills.

o Strong communication and collaboration skills.

o Ability to work independently and manage multiple tasks and priorities.

o Attention to detail and commitment to maintaining high security standards.