Senior Cyber Security Specialist (15-20 yrs)

Job Description :

Overview : We are seeking an experienced Senior Cybersecurity Specialist with 15-20 years of expertise in Microsoft cybersecurity technologies and related vendor solutions. The ideal candidate will have extensive experience in implementing and managing Microsoft Sentinel, Defender, and Purview solutions. This role requires a deep understanding of regulatory compliance frameworks, including GDPR, NIST, and ISO 27001, as well as the ability to quickly learn and adapt to new technologies to meet evolving regulatory requirements.

Key Responsibilities :

- Audit and Non-Conformance Identification : review AI-driven interpreted regulations to identify non-conformance, applying audit methodologies to evaluate the accuracy and completeness of controls. Use previous audit experience to spot gaps in interpretation and ensure compliance.

- Technical Control Validation : Review bare acts and extract technical controls to validate against those interpreted by automated systems. Ensure that these controls meet regulatory requirements, utilizing both AI-generated interpretations and manual analysis.

- Control Breakdown and Mapping : Break down high-level technical controls into logical actions. Map these actions to specific Microsoft products (Purview, Defender, Sentinel) and third-party cybersecurity capabilities, ensuring that all aspects are covered and actionable.

- Control Differentiation : Distinguish between technical, process-based, and documentation-related controls, ensuring that all types are appropriately handled and that the AI-generated interpretations align with the correct control categories.

- Regulatory Review and Change Management : Continuously monitor and review regulatory changes, assessing the AI system's ability to generate accurate control interpretations based on supervised learning. Validate system outputs and suggest improvements based on your audit experience.

- Learning from Audits : Apply knowledge gained from previous audits to improve both the interpretation of regulations and the comprehensiveness of control actions. Identify areas where automated systems may fall short in meeting regulatory standards and provide feedback for system enhancement.

- Microsoft and Third-Party Product Expertise : Utilize Microsoft Purview, Defender, and Sentinel, alongside other in-market cybersecurity products, to enhance the implementation of controls. Keep abreast of emerging cybersecurity tools and techniques to optimize compliance solutions.

Stakeholder Collaboration : Collaborate closely with engineering teams to report and highlight errors in mapping of technical controls to regulatory requirements supports business objectives while maintaining quality of templates.

Qualifications :

- Experience : 15-20 years of experience in cybersecurity, with a strong focus on GRC and Audit exposure.

- Technical Expertise : Overview with Microsoft Sentinel, Defender, and Purview family of solutions.

-Regulatory Knowledge : Proven track record of conducting audits and managing projects around GDPR, NIST, ISO 27001, and other regulatory frameworks.

- Learning Agility : Demonstrated ability to quickly learn and adapt to new technologies and map them to evolving regulatory requirements.

- Communication Skills : Strong verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.