Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Specialist Full Time NEW

We are seeking a highly skilled and hands-on Senior Cybersecurity Assurance Specialist to lead security assurance activities across critical cybersecurity technologies and infrastructure platforms. The successful candidate will be responsible for conducting comprehensive security configuration reviews, vulnerability assessments, security control validation, and compliance gap assessments to ensure the organization’s security posture aligns with established standards, regulatory requirements, and industry best practices.

This role requires deep technical expertise across multiple cybersecurity domains, including Data Loss Prevention (DLP), Extended Detection and Response (XDR), Privileged Access Management (PAM), Cloud and Enterprise Security Access Platforms (CASP/EASP), Web Application Firewalls (WAF), Linux environments, and Email Security Solutions.

Key Responsibilities

Security Assurance & Configuration Review

– Perform detailed security configuration reviews across enterprise security platforms, including DLP, XDR, PAM, CASP/EASP, WAF, Linux servers, and Email Relay/Email Security solutions.
– Evaluate implemented security controls to ensure alignment with organizational security policies, hardening standards, regulatory requirements, and industry best practices.
– Validate the effectiveness of security configurations and identify potential weaknesses, misconfigurations, and control deficiencies.

Vulnerability Assessment & Gap Analysis

– Conduct vulnerability assessments and security posture reviews across infrastructure, applications, and security platforms.
– Correlate vulnerability findings with configuration weaknesses, architectural risks, and control gaps.
– Perform security gap assessments against recognized frameworks, standards, and security baselines, including but not limited to ISO 27001, NIST Cybersecurity Framework, CIS Benchmarks, and organizational security requirements.
– Identify risks and provide actionable recommendations to enhance security resilience.

Reporting & Stakeholder Engagement

– Prepare comprehensive assessment reports containing technical findings, risk ratings, business impact analysis, supporting evidence, and remediation recommendations.
– Present assessment outcomes and executive summaries to cybersecurity leadership, technology teams, and business stakeholders.
– Collaborate with security operations, infrastructure, cloud, and application teams to support remediation planning and risk mitigation activities.
– Track remediation progress and provide assurance validation following corrective actions.

Security Governance & Compliance Support

– Support internal and external security audits, compliance reviews, and regulatory assessments.
– Contribute to the development and enhancement of security standards, hardening guides, assessment methodologies, and assurance procedures.
– Ensure all assessment activities are conducted using structured, repeatable, and risk-based methodologies.

Professional Standards & Working Principles

– Adhere to established security assessment methodologies and quality assurance standards.
– Ensure all findings are evidence-based, technically validated, and supported by risk-focused analysis.
– Maintain strict confidentiality when handling sensitive security configurations, logs, system information, screenshots, and assessment data.
– Deliver clear, practical, and business-aligned remediation recommendations.
– Manage assessment activities within agreed scope, timelines, deliverables, and quality expectations.
– Maintain high standards of documentation, communication, professionalism, and stakeholder engagement.

Required Qualifications & Experience

– Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
– Minimum 2–4 years of experience in Cybersecurity Assurance, Security Assessment, Vulnerability Management, Security Architecture Review, or related cybersecurity disciplines.
– Proven hands-on experience conducting security configuration reviews, vulnerability assessments, control validation, and security assurance activities.
– Strong technical knowledge of:
– Data Loss Prevention (DLP)
– Extended Detection & Response (XDR)
– Privileged Access Management (PAM)
– Cloud Access Security Broker (CASB) / Enterprise Security Access Platforms (EASP)
– Web Application Firewalls (WAF)
– Linux Security Hardening & Assessment
– Email Security and Email Relay Platforms
– Experience with security hardening standards, secure configuration baselines, and control validation techniques.
– Strong understanding of cybersecurity risk management, governance, compliance, and security control frameworks.