Responsibilities

• Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

• Review designed or deployed environments, identifying security flaws and recommending mitigations plans

• Review Implementation of technical security controls, identify gaps and offer practical mitigations.

• Escort, evaluate and improve our clients’ security posture by elevating their infrastructure resilience and implement best-practice organizational procedures

• Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.

• Research and advocate for new security solutions and technologies

Qualifications

• 3+ years of hands-on experience with securing large organizational networks, including security controls, OS hardening, network devices’ security, etc.

• Strong understanding of governance, risk management, and operational processes.

• Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

• Significant experience in at least five subjects from the following list:

• Vast knowledge and expertise in cyber-security IT systems and cloud infrastructure

• Deep understanding of Microsoft IT on-prem and cloud infrastructure, e.g., Entra-id, Office365, AD, GPO, protocols.

• Practical experience with cloud environments – AWS, Azure, GCP– A significant advantage

• Practical experience in consulting services and risk assessment

• Practical experience with security configuration and maturity assessment

• Knowledge of security controls, e.g., AV, EDR/XDR, DLP, Device control, etc.

• ZTNA design & deployment experience.

• Experience with implementing security monitoring procedures & systems (SOC, SIEM, SOAR)