Job Description

Role Summary

We are seeking a Senior Cybersecurity Specialist to lead the implementation, configuration, and ongoing management of enterprise security tools and controls across network, endpoint, identity, and application domains. The role will drive the deployment and continuous improvement of solutions, ensuring the organization's assets and applications remain secure and compliant. The specialist will also work closely with the SOC team to support threat monitoring, incident response, patching, and remediation activities. This position requires strong hands-on expertise in security infrastructure, tool management, and secure SDLC processes.

Key Responsibilities

Security Implementation & Management

Lead the deployment, configuration, and optimization of enterprise security tools including EDR, SIEM, DLP, CASB, SASE, Firewall, AV/Patch/Vulnerability management tools etc. Manage ongoing policy updates, fine-tuning, and integrations across security platforms to ensure effective coverage and minimal false positives. Maintain endpoint, email, and network protection baselines and review system hardening configurations. Implement and monitor Azure security stack and controls, including NSGs, Firewall, DDoS, Application gateways, etc.


Secure SDLC & Application Security

Work with application and development teams to embed secure SDLC practices, including threat modeling, code scanning, dependency management, and application hardening. Review application architectures for potential vulnerabilities and coordinate remediation. Collaborate with SOC and application team for periodic application and API penetration testing activities and ensure closure of findings.


Defensive Operations & SOC Collaboration

Collaborate with the SOC team to validate alerts, improve detections, and refine escalation procedures. Participate in defensive operations, including patch management, vulnerability remediation, and containment actions. Review SOC performance, investigate escalations, and ensure effective use of available tooling for incident response. Assist in post-incident analysis and continuous improvement of detection and response mechanisms.


Governance, Risk & Compliance

Maintain internal security configurations, documentation, and control baselines Ensure alignment with security frameworks and best practices (ISO 27001, NIST, CIS) Participate in internal and external audits, risk assessments, and compliance initiatives

Candidate Requirements

10+ years of experience in enterprise IT and cybersecurity, with a strong focus on security tool implementation, configuration, and management. Deep understanding of network, endpoint, identity, and cloud security controls. Hands-on expertise with:
+ Microsoft Defender and Purview
+ Vulnerability management platforms (Qualys, Tenable or equivalent)
+ SASE, CASB (Zscaler or equivalent)
+ Network Security (Cisco, Palo Alto or equivalent)
+ Azure security stack (NSG, Firewall, DDoS, Sentinel etc)
Working knowledge of secure SDLC, DevSecOps, and application security principles and tools. Experience collaborating with or overseeing SOC operations, including threat monitoring and response. Strong analytical, troubleshooting, and communication skills. Good to have vendor-neutral/specific security certifications (AZ-500, SC-200, SC-400, or equivalent)

Soft skills

Proactive problem solver with strong ownership and accountability Excellent communication and documentation skills Ability to collaborate with infrastructure, SOC, and application teams effectively Continuous learning mindset, staying updated on emerging threats and technologies

Disclaimer:

This job posting is not open to recruitment agencies. Any candidate profile submitted by a recruitment agency will be considered as being received directly from an applicant. Contango reserves the rights to contact the candidate directly, without incurring any obligations or liabilities for payment of any fees to the recruitment agency.