Our client is one of fortune 500 US company with newly created and expanded Security advisory practice. They offers communications, network services, security, cloud solutions, voice, and managed services.
The role is accountable for providing high-quality cyber-security consulting services to customers. The candidate will have responsibility to learn and perform the full range of security services offered by the client's security practice. The Security Consultant will function in a delivery capacity and is required to advance their skill set in order to provide relevant expertise to customers.
1) Deliver cybersecurity consulting services to customers, which includes:
- Prepare and conduct security program plans to execute information security management reviews and information security management system (ISMS) assessments
- Lead and/or participate in the creation, review and update of information security policies, standards, processes and guidelines
- Implement security risk analysis for current and new systems and network architecture to identify weaknesses, gaps and recommend improvement to customers
- Support and provide consultancy for audit compliance actions
- Provide complex technical advice, recommendations and consultancy on networks, infrastructure, products and services supplied
- Lead the design, implementation, operation and maintenance security management systems
- Provide or assist with implementation documentation
- Perform independently in team implementing security and privacy engagements
2) Security Governance Support – support security policy, regulatory compliance to comply with Information Security Standards. Review, advice and document security operations changes requested by the customer and provide agreed to direction to client's service teams for the implementation of associated changes;
3) Security Incident Response Support – serve as a point of contact for security incidents, investigate on and provide post incident reports. Liaise with the security operation services team to advise, analyze and resolve issues across any installed security solutions;
4) Vulnerability Scans and Reviews – Perform penetration, analyse, report and recommend on missing patches, identified vulnerabilities and hardening analysis; Onboarding of security log monitoring and management services to client's platform with architecture design, use cases development and configuration of monitoring and reporting.
- Flair for translating information security requirements into IT security controls and measures
- Experience in information security management and related functions such as IT Risk Management
- Ability to align information security policies with business requirements and has attention to details.
- Excellent communication skills – both written and oral. Ability to whiteboard and present recommendations confidently to customers
- Excellent communication and presentation skills with the ability to present to a variety of external audiences, including being able to interact with senior executives
- Project management skills and an ability to translate business requirements into technical IT security deliverables
- 7+ years thorough knowledge and experience with security standards (Security architecture analysis, Security Administration, Network and Firewall Engineering);
- Strong analysis skills to perform network and system vulnerability assessments, identifying and prioritizing security issues, and documenting findings and recommendations;
- Demonstrated ability to make and take responsibility for decisions on major technical issues;
- Excellent critical thinking and analysis skills in an enterprise environment;
- Strong customer focus and quality mindset;
- Excellent interpersonal and leadership skills;
- Less than 20% of travelling.
- Possible security technology certifications, (Any of these or other security certs- CISM, CISSP, etc.