We are seeking a hands-on IT Security Specialist to design, implement, and operate effective security controls across our corporate IT and SaaS ecosystems. This role focuses on endpoint, identity, and SaaS security, building and maintaining secure baselines through effective use of MDM, EDR, and IAM, while ensuring controls are measurable, documented, and continuously improved.
You will work closely with Security and IT, Delivery, and Business stakeholders to reduce security risk, improve operational resilience, strengthen company-wide security awareness, and support audit readiness (SOC 2 / ISO/IEC 27001) through strong documentation, evidence collection, and continuous control improvement via GRC workflows.

Responsibilities
* Implement and administer MDM, EDR, and IAM controls (device enrollment & baselines, endpoint protection policies, hardening, SSO/MFA, conditional access, access reviews, etc.).
* Maintain and continuously improve the security baseline for endpoints and corporate SaaS services.
* Conduct regular security audits and assessments to ensure compliance with industry best practices and regulatory requirements (e.g., GDPR, ISO/IEC 27001, HIPAA).
* SIEM implementation, onboarding log sources, maintaining ingestion, and alerting.
* Perform risk assessments and recommend appropriate mitigation strategies.
* Prepare and maintain security awareness materials and support company-wide security awareness activities to improve employees’ cyber hygiene.
* Manage and respond to security incidents, including investigation, containment, eradication, recovery, and post-incident analysis.
* Support vulnerability and patch remediation workflows.
* Contribute to the development and maintenance of internal policies, procedures, and controls related to security and compliance.
* Support SOC 2 and ISO/IEC 27001 readiness by maintaining evidence, assisting with control implementation tracking, and operating via GRC workflows where applicable.
* Collaborate with other teams on secure onboarding of systems/vendors and ongoing security improvements.
* Monitor and mitigate phishing, malware, and other cyber threats.
* Maintain awareness of emerging threats and recommend improvements.

Requirements
* 3+ years of hands-on experience in an IT service/outsourcing company in the position of IT Security / SecOps with strong security ownership.
* Proven hands-on experience implementing and administering CrowdStrike Falcon (EDR/XDR), ManageEngine Endpoint Central (Zoho), and Okta IAM, in real environments (not just “familiarity”).
* Strong understanding of endpoint and identity security fundamentals (device hardening, patching, MFA/SSO, conditional access, access lifecycle, etc.).
* Hands-on experience with SIEM/log aggregation, including SIEM implementation, onboarding log sources, maintaining reliable log ingestion pipelines, and configuring alerting/use cases.
* Solid understanding of SaaS security.
* Experience with Google Workspace security administration at scale.
* Practical familiarity with SOC 2 and/or ISO/IEC 27001 concepts and operational routines.
* Experience in investigating security events and incidents, conducting root cause analysis, and producing post-incident reports.
* Basic scripting knowledge (Bash, Python, PowerShell) for automation.
* Strong analytical and troubleshooting skills, ability to work with logs, alerts, and system telemetry.
* Ability to write and maintain technical documentation (policies, standards, processes, playbooks).
* English: Upper intermediate or higher.
* Ability to work independently and as part of a team.
* Strong communication and interpersonal skills.

Would be a plus:
* Familiarity with data privacy and regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
* Experience in data-intensive projects (DWH, BI, AI, analytics).