Cyber Security Control Operations Specialist

Role Profile The purpose of the Cyber Security Control Operations Specialist role is to deliver robust assurance that security controls are optimized, resilient, and continuously aligned with organizational risk appetite and regulatory expectations. By strengthening the effectiveness of these controls, the role enables the business to operate securely, maintain stakeholder trust, and adapt confidently to evolving cyber threats. Key Responsibilities •Monitor, test, and validate the effectiveness of cybersecurity controls across enterprise systems and networks. •Identify control gaps, assess risks, and implement remediation measures to strengthen the organization’s security posture. •Maintain and update security control frameworks to ensure alignment with regulatory requirements and industry standards. •Collaborate with cross functional teams to operationalize security policies and procedures. •Support incident response activities by analyzing control performance and recommending corrective actions. •Conduct regular audits, reviews, and reporting on control effectiveness to management and stakeholders. •Provide technical expertise in deploying, configuring, and maintaining security tools and technologies. •Support continuous improvement initiatives to enhance control efficiency, resilience, and adaptability against emerging threats. •Develop and deliver training or awareness sessions to promote adherence to security control practices across the organization. •Stay current with emerging cyber threats, technologies, and regulatory changes to proactively adjust control operations. Must have Technical / Professional Qualifications •Bachelor's degree in cyber or information security, computer science/engineering, information technology (or systems) or other related fields. •5+ years of progressive experience in cybersecurity or related field in cybersecurity, with a significant focus on hands-on technical security work. •Any of the certifications below will be desired. oCertified Ethical Hacker (CEH), GIAC Penetration Tester (GPEN), CompTIA CASP+, Offensive Security Certified Professional (OSCP), GIAC Certified Incident Handler (GCIH) •Deep knowledge of NIST, ISO 27001, CIS Controls, and regulatory compliance frameworks, with the ability to align enterprise controls to industry standards. •Expertise in deploying, configuring, and integrating SIEM, SOAR, EDR, and DLP solutions across complex enterprise environments. •Skilled in leveraging threat intelligence platforms, correlating external feeds with internal telemetry, and guiding incident response with actionable insights. •Proficient in advanced vulnerability scanning, penetration testing methodologies, and risk prioritization to drive timely remediation across diverse systems. •Strong command of securing multi-cloud and hybrid infrastructures, including IAM, encryption, monitoring, and compliance in AWS, Azure, and GCP environments.