WHAT DOES A CYBER SECURITY SPECIALIST DO?

Published: September 26, 2024 - The Cyber Security Specialist provides secure architecture requirements for lab and development networks and performs comprehensive security reviews and assessments in ICS environments. The role supports projects, vulnerability management, and remediation efforts, and acts as a subject matter expert in Industrial Automation and Control Systems security. It also contributes to business continuity planning and control systems analysis, and assists in the design and integration of system components.

A Review of Professional Skills and Functions for Cyber Security Specialist

1. Cyber Security Specialist Duties

  • Project Management: Drive high-priority Cyber Security projects to successful delivery, ensuring the proper coordination of other organizational functions involved.
  • Strategic Planning: Support in the definition and update of the Cyber Security vision and strategic direction for the organization, providing a view on the most suitable approaches and architectures.
  • Innovation: Contribute to the cyber security innovation process by scouting new advanced solutions available in the market that could represent valuable opportunities for Generali.
  • Consultation: Provide consultation and make recommendations about Cyber Security at a Group Level.
  • Threat Monitoring: Monitor new cyber threats and propose relevant countermeasures to be adopted within the Group.
  • Incident Management: Support the management of cyber security incidents to ensure the application of the most effective response strategies.
  • Cloud Security: Work with Security, Azure, and AWS teams to identify/remediate security gaps in public cloud environments.
  • Collaboration: Collaborate on plans to resolve security gaps.
  • Tool Development: Lead the evaluation and development of tools needed to address security gaps.
  • Stakeholder Management: Partner with product owners, product managers, and end users to identify processes/needs.

2. Cyber Security Specialist I Details

  • Incident Monitoring: Monitoring and responding to cyber security alerts and incidents.
  • Ticket Management: Manages ticket queues, responds to operational incident tickets received from the service desk, and processes change requests.
  • Security Monitoring: Performs daily security event monitoring and subsequent investigation activities.
  • Incident Escalation: Follows enterprise incident response standard processes, ensuring proper escalation and engagement of more senior team members, management, and other technical teams.
  • Security Improvement: Supports efforts to implement ongoing improvements to security policies and infrastructure configurations, improving the effectiveness and efficiency of FM Global’s threat prevention, detection, and response services.
  • Team Support: Under the direction of more senior team members, provides support for business and technology initiatives requiring assistance from the security infrastructure services team.
  • Policy Adherence: Maintains familiarity with FM Global security standards and ensures that technologies and security policies are implemented in support of those standards.
  • Gap Communication: Communicates any identified gaps to peers and management in a timely manner.
  • Team Collaboration: Communicates and works as a team both within security infrastructure services and across other groups in support of goals & objectives.
  • Documentation: Maintains clear, concise, and accurate documentation for processes and configurations.
  • Documentation Maintenance: Ensures documentation is kept up to date and stored in the proper shared, accessible location.

3. Cyber Security Specialist Responsibilities

  • Security Initiative Development: Participate in the design, development, and implementation of security initiatives to ensure the best possible measures are in place to maintain a secure operation.
  • System Monitoring: Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems.
  • Policy Development: Develop, implement, and enforce security strategies, policies, and procedures.
  • Device Management: Configure, implement, manage, and maintain security devices, as well as provide general knowledge and recommendations for security best practices.
  • Documentation: Develop, maintain, and update documentation associated with production releases.
  • Best Practices Adherence: Adhere to best practices for security management.
  • Incident Support: Ensure on-call Level 3 support in case of a security incident.
  • Solution Design: Design, implement, and customize security solutions to improve customers' cybersecurity resilience.
  • Technology Maintenance: Responsible for maintaining and enhancing security technologies and policy.
  • System Protection: Protect computer systems, networks, cloud environments, and information security systems.
  • Security Requirements: Identify and define new security requirements and provide the right security technology solutions.

4. Cyber Security Specialist Job Summary

  • OT Cybersecurity Supervision: Supervise the OT cybersecurity components during the design and roll-out of all automation solutions and complex OT networking for plants/mills/warehouses.
  • Framework Application: Apply Corporate cybersecurity frameworks (by IT/TechDev) in new automation projects in plants, adapting to specific plant context and needs.
  • Guideline Compliance: Support the plant technical area to comply with Corporate guidelines and industry best practices in OT design, protection, and maintenance.
  • Cybersecurity Assessment: Contribute to local OT cybersecurity assessments and cooperate during audits.
  • Supplier Management: Centrally deal with cybersecurity/network suppliers and OT automation suppliers with security impacts.
  • Business Support: Provide support and advice to the business in implementing and guaranteeing security in products and services.
  • Team Collaboration: Work in a team of Cyber Security specialists and partners.
  • Incident Analysis: Analyze and follow up on incidents reported by MSSP and IT sourcing parties.
  • Technology Adoption: Work with new technologies such as EDR, Cloud Monitoring, SIEM, and SOAR.

5. Cyber Security Specialist Accountabilities

  • DoD Cybersecurity Knowledge: Maintain a clear understanding of DoD Cybersecurity and Information Assurance instructions.
  • Security Control Assessment: Assess and implement operational, management, and technical security controls, making recommendations and proposals for correcting deficiencies, and developing compensating controls for information security deficiencies.
  • Plan Development: Assist with the development or updating of Information Security-related plans, procedures, work methods, and documentation (such as network topology, hardware/software lists).
  • Program Review: Review current programs and define the steps needed to meet applicable cybersecurity and information assurance instructions.
  • Vulnerability Scanning: Conduct information security vulnerability scanning using the DoD’s Assured Compliance Assessment Solution (ACAS) (Tenable Security Center and Nessus Software).
  • Report Generation: Produce information security vulnerability scanning reports and develop Plans of Action and Milestones (POA&Ms) to resolve information security vulnerabilities.
  • Cybersecurity Support: Support, monitor, test, and troubleshoot hardware and software cybersecurity issues and patches.
  • STIG Compliance: Apply computer changes to comply with DoD Security Technical Implementation Guides (STIGs).
  • IAVM Application: Apply the DoD Information Assurance Vulnerability Management (IAVM) Program.
  • Collaboration: Work closely with Site Security and Integration Specialists assigned to programs to define required tasks to meet IA instructions.

6. Cyber Security Specialist Functions

  • Vulnerability Management Strategy: Develop and enforce a global vulnerability management strategy.
  • Point of Contact: Be the first point of contact for questions regarding the entire vulnerability management process.
  • Vulnerability Scanning: Conduct vulnerability scans within internal networks.
  • Vulnerability Analysis: Analyze vulnerabilities found internally or those reported by external researchers.
  • Remediation Support: Support internal IT teams in vulnerability remediation processes.
  • Program Collaboration: Work closely with customers and the US Government on Integrated Program Teams to define program IA requirements.
  • IA Documentation: Write Information Assurance documents to define plans and scope of IA requirements.
  • Proposal Writing: Write proposal sections to explain how CAE will meet IA instructions.
  • System Setup: Perform operating system-level setup of computers to implement controls and apply patches to eliminate vulnerabilities.

7. Cyber Security Specialist Job Description

  • Collaboration: Work closely with Developers, Network/Application Administrators to ensure the highest degree of system security.
  • Remediation Support: Provide vulnerability remediation support by developing, documenting, and implementing IA processes and procedures.
  • Scan Remediation: Support the vulnerability scan remediation process (ACAS).
  • IAVM Support: Support Information Assurance Vulnerability Management (IAVM) requirements for an operational DoD environment.
  • STIG Compliance: Apply DISA Security Technical Implementation Guides (STIGs) to systems.
  • Process Documentation: Develop and document IA processes and procedures for the environment.
  • Certification & Accreditation: Perform DoD system certification and accreditation activities as prescribed by IA leadership.
  • Compliance Assurance: Ensure the technical environment is in compliance with DoD-mandated IA directives.
  • Plan Maintenance: Create, update, and maintain a System Security Plan, Incident Response Plan, and Contingency Plan.
  • STIG Process Management: Support the STIG process for an operational DoD environment, including scheduling, validation, remediation, and reporting.
  • Stakeholder Collaboration: Work with customers, software developers, network/system administrators, and others to ensure that security requirements are understood and implemented.

8. Cyber Security Specialist Overview

  • ICS Security Development: Develop ICS security standards and guidelines.
  • Secure Architecture: Provide secure architecture requirements for lab and development networks.
  • Security Reviews: Perform security reviews and assessments of systems, networks, and processes/procedures in ICS environments.
  • Project Support: Provide support for projects and initiatives that enable sites to accomplish project goals in a secure manner.
  • Vulnerability Management: Provide support for management and remediation of vulnerabilities identified in ICS environments.
  • Subject Matter Expertise: Act as subject matter expert in Industrial Automation and Control Systems security.
  • Training Development: Develop and provide training related to Industrial Control Systems to team members.
  • Business Continuity Planning: Develop Business Continuity and Incident Management Plans.
  • RMF Preparation: Prepare for the Risk Management Framework (RMF) process across multiple control systems.
  • System Design Assistance: Assist with control systems analysis and system design.
  • Specification Determination: Assist in determining system specifications, input/output processes, and working parameters for hardware/software compatibility.
  • Subsystem Design: May assist in the design of subsystems and integration of the total system.
  • Program Support Analysis: Assist with identifying, analyzing, and resolving program support deficiencies.

9. Cyber Security Specialist Details and Accountabilities

  • Economic Awareness: Ensuring that the company is up to date with economic issues, as well as local and national business trends.
  • Project Contribution: Contributing proactively to many different aspects of a project, both individually and as part of a team.
  • Client Deliverables: Assembling outputs in line with client expectations.
  • Technical Development: Contributing to the development of personal and team technical understanding.
  • Compliance Adherence: Ensuring adherence to compliance matters.
  • Relationship Building: Developing relationships internally and enhancing the PwC brand.
  • Security Consultancy: Arranging consultancy on the design, review, and implementation of information security standards, policies, and procedures, along with digital operational resiliency plans.
  • Security Audits: Guaranteeing information security assessments or audits against industry standards and regulatory frameworks, such as GDPR, DORA, CSP, SWIFT, NIST CSF, ISO 27001/2, etc.
  • Risk Assessment: Conducting security risk assessments and providing guidance on risk treatment options.
  • General Security Consultancy: Providing consultancy regarding various information and cyber security domains.

10. Cyber Security Specialist Tasks

  • Cybersecurity Assessment: Performing assessments and interviews on cyber security.
  • Client Advisory: Taking responsibility for providing the right advice, actions, and recommendations to clients via dashboard/product.
  • UI/UX Development: Helping create intuitive, inclusive, modern, and responsive interfaces.
  • Product Innovation: Collaborating with the team to translate designs and ideas into innovative products.
  • Team Collaboration: Working together with the rest of the Devence team to improve the approach.
  • Networking: Actively connecting with promising start-ups and scale-ups to increase the client portfolio and network.
  • Best Practices Alignment: Helping clients align with industry best practices.
  • Gap Identification: Identifying gaps and providing adequate recommendations by conducting cyber maturity assessments.
  • Security Training: Providing training on security topics to a variety of audiences.
  • Business Development: Supporting business development efforts to generate new opportunities.