Information Security Specialist

About the role

The Information Security Specialist will lead end‑to‑end cybersecurity operations for a Libyan technology solutions provider supporting an oil‑sector client. The role focuses on protecting critical infrastructure, sensitive data, and ensuring operational continuity.

Key responsibilities

• Monitor SIEM and XDR platforms, analyze logs, investigate alerts, and conduct threat hunting.
• Manage the full incident response lifecycle: detection, containment, eradication, recovery, forensic analysis, and reporting.
• Design, implement, and maintain secure network and system infrastructure, including firewalls, VPNs, IDS/IPS, endpoint protection, hardening controls, and zero‑trust principles.
• Perform vulnerability scans, risk assessments, penetration testing, remediation follow‑ups, and patch management.
• Administer Identity and Access Management controls such as Active Directory, Microsoft Entra ID, MFA, conditional access, and least‑privilege enforcement.
• Support Governance, Risk, and Compliance activities, including audits, policy enforcement, and alignment with ISO 27001 and NIST standards.
• Develop cybersecurity strategies, advise management on risks, and align security initiatives with business objectives.
• Implement data protection controls like DLP, encryption, and email security.
• Monitor emerging threats, maintain indicators of compromise, and map threats to MITRE ATT&CK.
• Conduct cybersecurity awareness training and phishing simulations.

Required profile

• Proven experience monitoring SIEM/XDR platforms and conducting threat hunting.
• Hands‑on experience managing incident response from detection to reporting.
• Strong background in network security design and implementation.
• Experience with vulnerability management, penetration testing, and patch processes.
• Solid knowledge of IAM solutions, especially Active Directory and Microsoft Entra ID.
• Familiarity with GRC frameworks, ISO 27001, and NIST.

Required skills

• SIEM, XDR
• Firewalls, VPN, IDS/IPS, endpoint protection
• Zero‑trust security principles
• Vulnerability scanning, penetration testing, patch management
• Active Directory, Microsoft Entra ID, MFA, conditional access
• ISO 27001, NIST
• DLP, encryption, email security
• MITRE ATT&CK framework