We are seeking a knowledgeable and proactive Security Consultant to assess, design, and implement effective security measures for our organization and/or clients. The ideal candidate will have expertise in identifying vulnerabilities, conducting risk assessments, and recommending best practices to protect critical assets against threats—digital, physical, or both.
Security Assessment & Audits
Conduct comprehensive security assessments, including penetration tests, vulnerability scans, and risk analyses.
Evaluate existing security policies, procedures, and systems to identify areas for improvement.
Security Design & Implementation
Design and implement security architectures, including firewalls, intrusion detection systems (IDS), SIEM, endpoint protection, and physical security controls.
Collaborate with IT/network teams to integrate security solutions into infrastructure.
Compliance & Governance
Ensure compliance with relevant regulations (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI-DSS).
Develop and maintain security policies, standards, and incident response plans.
Threat Intelligence & Incident Response
Monitor and analyze security threats, trends, and intelligence.
Assist with or lead incident response, including investigation, containment, eradication, and recovery.
Client/Stakeholder Engagement
Communicate risks and solutions clearly to technical and non-technical stakeholders.
Deliver security awareness training and workshops as needed.
Documentation & Reporting
Prepare technical reports, risk assessments, and executive summaries.
Maintain clear records of assessments, findings, and remediation steps.
Education:
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. A master’s degree is a plus.
Certifications (Preferred):
CISSP, CISM, CEH, OSCP, CompTIA Security+, ISO 27001 Lead Implementer/Auditor.
Experience:
3–7 years in information security, cybersecurity consulting, or related field.
Hands-on experience with tools such as Metasploit, Nessus, Wireshark, Splunk, or equivalent.
Strong analytical and problem-solving skills.
Excellent communication and presentation abilities.
Ability to work independently and manage multiple projects.
Up-to-date knowledge of cybersecurity threats, mitigation strategies, and industry trends.