Cyber Security Specialist

About the Role As a Cyber Security Specialist, you will play a pivotal role in proactively identifying, evaluating, and reducing the attack surface of our organization. Responsibilities Attack Surface Discovery: Continuously identify and catalogue all external and internal assets (cloud, on‑premises, IoT, third‑party systems, etc.) using automated and manual discovery techniques. Vulnerability Management: Evaluate discovered assets for vulnerabilities and misconfigurations; prioritize remediation efforts based on risk and business impact. Threat Intelligence Integration: Correlate attack surface data with threat intelligence to contextualize findings and anticipate emerging risks. Attack Surface Reduction: Partner with IT, DevOps, and application teams to minimize unnecessary exposures and streamline asset footprint. Incident Response Support: Provide asset and exposure data during security incident investigations to enable rapid containment and remediation. Reporting & Metrics: Develop and present clear, actionable reports and dashboards for technical and executive audiences, including trend analysis and attack surface KPIs. Tool Evaluation & Management: Assess, deploy, and manage Attack Surface Management (ASM) platforms and related technologies. Policy Development: Contribute to security policies, standards, and best practices surrounding asset inventory and exposure management. Awareness & Training: Educate stakeholders on attack surface risks and mitigation strategies. Security Strategy: Support the successful execution of the Security Strategy. Qualifications Experience: 3+ years in cyber security, with a focus on attack surface management, asset discovery, or vulnerability management in a large enterprise or technology environment. Technical Skills: Strong understanding of networking, web technologies, cloud platforms (AWS, Azure, GCP), and security tooling (ASM, EDR, SIEM, etc.) and vulnerability scanning tools. Analytical Abilities: Proficient in risk assessment, data analysis, and correlating technical findings with business risk. Collaboration: Demonstrated ability to work with cross‑functional teams, including IT, application development, and business units. Certifications: Relevant security certifications preferred (e.g., CISSP, OSCP, GIAC, CompTIA Security+). Communication: Excellent written and verbal communication skills; ability to convey complex technical issues to diverse audiences. Familiarity with regulatory requirements (e.g., GDPR, HIPAA, PCI‑DSS) and how they impact asset and exposure management. Experience with automation and scripting for asset discovery and reporting (e.g., Python, PowerShell). Background in incident response and digital forensics. Additional compensation and benefits: The base salary range for this position is R, -R, plus benefits. This range represents the minimum and maximum new hire compensation for this role. The position may also be eligible for incentive plans and additional benefits, in accordance with company policy and local regulations. Our salary ranges are determined by role, level, and location with individual compensation also dependent on factors such as qualifications, experience, and skills. Final offers will reflect these considerations and may vary accordingly. We are an Equal Opportunity and affirmative action employer. We particularly welcome applicants from traditionally underrepresented groups. We consider everyone equally: your race, age, religion, sexual orientation, gender identity, ability, marital status, nationality, or any other protected characteristic won't affect your application. Due to certain obligations to our customers, an offer of employment will be subject to your successful completion of applicable background checks, conducted in accordance with local law. #J-18808-Ljbffr