Job description
About the Hiring Company:
A Libyan technology solutions provider with strong expertise in IT services, infrastructure, cybersecurity, communications, storage, software, and hardware solutions. The company supports organizations of different sizes by delivering professional technology services, consultancy, and secure digital solutions designed to improve operational efficiency, resilience, and business continuity.
With a strong focus on reliability, technical excellence, and client-focused service delivery, the company plays an important role in supporting critical business environments that require high levels of confidentiality, security, and operational stability.
Your Mission as an Information Security Specialist:
As an Information Security Specialist, you will lead and manage end-to-end cybersecurity operations for systems, networks, applications, and sensitive data.
This role will be performed in support of an oil-sector company, where cybersecurity is directly connected to critical infrastructure, operational continuity, and the protection of highly sensitive business and technical information. You will be responsible for monitoring threats, strengthening defenses, responding to incidents, ensuring compliance, and advising stakeholders on cybersecurity risks and improvements.
You Will Be Handling These Duties and Responsibilities as an Information Security Specialist:
Monitor SIEM and XDR platforms, analyze logs, investigate alerts, detect threats, conduct threat hunting, and escalate incidents when required.
Manage the full incident response lifecycle, including detection, containment, eradication, recovery, forensic analysis, root cause identification, and incident reporting.
Design, implement, and maintain secure network and system infrastructure, including firewalls, VPNs, IDS/IPS, endpoint protection, hardening controls, and zero-trust security principles.
Conduct vulnerability scans, risk assessments, penetration testing activities, remediation follow-ups, and patch management processes.
Manage Identity and Access Management controls, including Active Directory, Microsoft Entra ID, MFA, conditional access, permissions reviews, and least privilege enforcement.
Support Governance, Risk, and Compliance activities, including audits, internal security policy enforcement, risk assessments, and alignment with standards such as ISO 27001 and NIST.
Develop and support cybersecurity strategies, advise management on security risks, and align security initiatives with business objectives.
Implement and maintain data protection controls, including DLP, encryption, email security, and measures that ensure confidentiality, integrity, and availability of data.
Monitor emerging cyber threats, maintain indicators of compromise, analyze attack trends, and map threats to frameworks such as MITRE ATT&CK.
Conduct cybersecurity awareness activities, including user training, phishing awareness, and promotion of security best practices across the organization.
Ensure continuous system security maintenance through patching, updates, endpoint protection, and improvement of the organization’s overall security posture.
Qualifications and Skills That Will Allow You to Thrive as an Information Security Specialist:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
Minimum of 4 years of experience in cybersecurity, information security, or IT security operations.
Hands-on experience with SIEM and XDR platforms, especially Microsoft Defender and Microsoft Sentinel.
Strong knowledge of firewalls, network security, Windows Server, Active Directory, and endpoint protection technologies.
Experience with Microsoft 365 and Azure cloud security environments.
Practical experience using vulnerability management tools such as Nessus or similar platforms.
Ability to use scripting to support automation, investigation, and security operations tasks.
Preferred certifications include CISSP, CEH, Security+, SC-200, SC-300, or OSCP.
Strong analytical thinking and the ability to investigate complex security issues.
Ability to handle incidents under pressure while maintaining professionalism, accuracy, and sound judgment.
Skilled in preparing both technical and executive-level security reports.
High level of confidentiality, integrity, accountability, and responsibility when working with sensitive systems and data.