Cybersecurity Operations Specialist II

Overview and Responsibilities

We are seeking a versatile and technically well-rounded cybersecurity professional to join our global team as a Specialist II in Cybersecurity Operations. This role is ideal for someone who thrives in dynamic environments and brings a strong foundation in IT, combined with hands-on experience across multiple cybersecurity and IT disciplines.

The successful candidate will support and mature key operational areas such as vulnerability management, vendor due diligence, data loss prevention, and privileged access controls. This individual must be adaptable, able to pivot between technologies and tasks, and serve as a collaborative bridge between IT and Security teams.
 

•    Lead and coordinate vulnerability scanning, analysis, reporting and remediation tracking across IT and business units.
•    Partner with system and infrastructure owners to prioritize and remediate vulnerabilities based on risk, ensuring timely patching and secure configuration across a wide range of enterprise technologies and platforms.
•    Monitor threat feeds and patch advisories to assess risks and drive timely remediation.
•    Provide input on architecture reviews and change management to identify security impacts.
•    Maintain documentation for processes, tool configurations, and control requirements.
•    Conduct third-party/vendor risk assessments using standardized tools and questionnaires (e.g., SIG, SOC II, CAIQ).
•    Work cross-functionally with IT, Cybersecurity and Strategic Sourcing to evaluate vendor risks and ensure appropriate controls.
•    Manage and support a vendor risk management platform (e.g., BitSight VRM, OneTrust).
•    Support the implementation, tuning, and monitoring of DLP solutions such as CrowdStrike Falcon Data Protection and Microsoft Purview Data Loss Prevention to protect sensitive data including IP, PII, and financial information.
•    Collaborate with IT and business stakeholders to define and enforce data classification and DLP policies.
•    Administer and support privileged access and endpoint privilege solutions, such as Delinea Privilege Manager, CyberArk, and ThreatLocker.
•    Continuously improve PAM/EPM configurations and workflows to ensure least-privilege access and auditability.
•    Collaborate with IT to integrate PAM/EPM solutions into endpoint and server environments.
•    Develop and coordinate adoption of security baselines for endpoint, server, and SaaS platforms based on CIS benchmarks.
•    Respond to audit and compliance requests related to controls, assessments, and remediation activities.
•    Assist in automating security tasks using scripting (PowerShell, Python) and system integrations.
•    Identify and implement cost-saving measures through automation and process improvements.
•    Manage vendor relationships related to cyber security products and services.
•    Collaborate with fellow security team members and the IT department to strengthen and enhance the organization's overall security posture.
•    Stay up to date with the latest cybersecurity trends, threats, and technologies.
•    Perform other cybersecurity-related duties and responsibilities as assigned, based on organizational priorities and evolving security needs.
 

Requirements

•  

-  Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field preferred.
•    Minimum 5 years of experience in cybersecurity roles, with demonstrated cross-domain knowledge in one or more disciplines such as desktop engineering, server administration, and network engineering.
•    Hands-on experience with vulnerability management tools (e.g., Rapid7 InsightVM, Tenable.SC, Qualys) and remediation workflows.
•    Experienced with DLP platforms, application whitelisting, and PAM tools.
•    Strong understanding of endpoint security, system hardening, and Active Directory administration.
•    Broad technical experience including desktop support, networking, cloud platforms (e.g., Microsoft 365), and scripting (PowerShell, Python preferred).
•    Solid understanding of core IT infrastructure and administration, including Active Directory, DNS, DHCP, Group Policy, basic network troubleshooting, access control, endpoint hardening, Windows Server roles, PowerShell scripting, and device management platforms such as Microsoft Intune or SCCM.
•    Ability to assess third-party security controls and clearly communicate risks.
•    Familiarity with cybersecurity frameworks (e.g., NIST CSF, CIS Controls, ISO 27001).
•    Excellent analytical and communication skills; able to work independently and as part of a global team.
•    Excellent written and verbal communication skills in English is a requirement.
•    Ability to work independently and collaboratively in a global team environment.
•    Relevant certifications are a plus including, but not limited to, Microsoft Certified in Identity and Access Administrator Associate (SC-300), Modern Desktop Administrator Associate (MD-102), CompTIA A+, Security+, CySA+, or GIAC certifications