An international company is looking to hire a senior and/or intermediate cybersecurity consultant.
The successful candidate will have strong technical expertise combined with excellent verbal and written communication skills. Business acumen and pragmatic approach to implementing security controls that balance cost benefit analysis and business impact is a must.
- Conduct cybersecurity assessments and audits using many different methodologies including HTRA, NIST 800-30, ISO27005, CMM maturity models
- Develop governance frameworks, policies, standards, and procedures. Familiarity with ISO 27001/2 information security management system is mandatory.
- Provide technical expertise in the areas of network and application security. Understanding of common application
vulnerabilities (e.g. OWASP top 10) and networking (e.g. common layer 2 technologies, TCP/IP stack, routing) is required. - Design and document security architecture and security zones for complex IT solutions and systems.
- Communicate with C-level (e.g. CIO) to provide advise and recommendations for CISO as a Service engagements.
- Produce detailed PowerPoint presentations for kickoff, summary of findings, executive presentations.
- Educate and communicate security requirements, policies, standards, and procedures to business/internal stakeholders as it relates to projects and strategic initiatives.
- Research and improve your knowledge base of current technology advancements, trends and directions and identify the potential threats and exposures to our clients.