Responsibilities

• Implement and administer MDM, EDR, and IAM controls (device enrollment & baselines, endpoint protection policies, hardening, SSO/MFA, conditional access, access reviews, etc.).
• Maintain and continuously improve the security baseline for endpoints and corporate SaaS services.
• Conduct regular security audits and assessments to ensure compliance with industry best practices and regulatory requirements (e.g., GDPR, ISO/IEC 27001, HIPAA).
• SIEM implementation, onboarding log sources, maintaining ingestion, and alerting.
• Perform risk assessments and recommend appropriate mitigation strategies.
• Prepare and maintain security awareness materials and support company-wide security awareness activities to improve employees' cyber hygiene.
• Manage and respond to security incidents, including investigation, containment, eradication, recovery, and post-incident analysis.
• Support vulnerability and patch remediation workflows.
• Contribute to the development and maintenance of internal policies, procedures, and controls related to security and compliance.
• Support SOC 2 and ISO/IEC 27001 readiness by maintaining evidence, assisting with control implementation tracking, and operating via GRC workflows where applicable.
• Collaborate with other teams on secure onboarding of systems/vendors and ongoing security improvements.
• Monitor and mitigate phishing, malware, and other cyber threats.
• Maintain awareness of emerging threats and recommend improvements.

Skills & Experience

• 3+ years of hands-on experience in an IT service/outsourcing company in the position of IT Security / SecOps with strong security ownership.
• Proven hands-on experience implementing and administering CrowdStrike Falcon (EDR/XDR), ManageEngine Endpoint Central (Zoho), and Okta IAM, in real environments (not just "familiarity").
• Strong understanding of endpoint and identity security fundamentals (device hardening, patching, MFA/SSO, conditional access, access lifecycle, etc.).
• Hands-on experience with SIEM/log aggregation, including SIEM implementation, onboarding log sources, maintaining reliable log ingestion pipelines, and configuring alerting/use cases.
• Solid understanding of SaaS security.
• Experience with Google Workspace security administration at scale.
• Practical familiarity with SOC 2 and/or ISO/IEC 27001 concepts and operational routines.
• Experience in investigating security events and incidents, conducting root cause analysis, and producing post-incident reports.
• Basic scripting knowledge (Bash, Python, PowerShell) for automation.
• Strong analytical and troubleshooting skills, ability to work with logs, alerts, and system telemetry.
• Ability to write and maintain technical documentation (policies, standards, processes, playbooks).
• English: Upper intermediate or higher.
• Ability to work independently and as part of a team.
• Strong communication and interpersonal skills.

Nice to have

• Familiarity with data privacy and regulatory compliance requirements (e.g., GDPR, HIPAA, PCI DSS).
• Experience in data-intensive projects (DWH, BI, AI, analytics).