We are seeking a highly experienced Senior Security Consultant to collaborate with our Local Operations Security Leader the local CISOs team and other stakeholders to ensure that our companys information security is robust effective and costefficient. As a senior expert you will be responsible for identifying security vulnerabilities developing security strategies and providing expert guidance to ensure the integrity and safety of our systems applications and data.
This role involves overseeing a wide range of security activities including vulnerability management security assessments and incident response ensuring that security standards are defined and upheld across the organization. You will also provide leadership and expert advice on how to effectively mitigate security risks and ensure ongoing protection from evolving cyber threats.
KEY RESPONSIBILITIES:
1. Vulnerability Management:
Operate and maintain vulnerability scanning tools to identify and assess weaknesses in the company s systems such as outdated software or weak passwords.
Implement and improve vulnerability management processes ensuring timely remediation and mitigation of risks.
2. Security Solutions:
Evaluate security threats risks and vulnerabilities and recommend costeffective solutions to address them.
Provide guidance to IT teams on hardening systems and implementing security best practices.
3. Security Standards and Compliance:
Define and enforce system security standards to ensure compliance with industry regulations and internal policies.
Perform security assessments for new projects and applications identifying potential risks and ensuring compliance with security requirements.
4. Security Operations:
Manage password complexity checks and conduct regular scans to identify weak passwords.
Ensure that vulnerability remediation actions are properly implemented across the organization.
5. Incident Response & Threat Management:
Lead the response to security incidents ensuring proper investigation forensics and reporting are carried out.
Collaborate with security teams to manage cyber threats and ensure the organization s response aligns with best practices.
6. Communication and Stakeholder Engagement:
Effectively communicate with different audiences from technical teams to leadership ensuring information security strategies are understood and implemented.
Provide regular security awareness training to promote a securityconscious culture across the organization.
REQUESTED QUALIFICATION & EXPERTISE :
1. Education: Bachelor s degree in Computer Science Information Security or related field or equivalent professional experience.
2. Professional Certifications (one or more preferred):
ISO/IEC 27017 (Cloud Security)
CISSP (Certified Information Systems Security Professional)
CEH (Certified Ethical Hacker)
Any other relevant security certifications (a plus)
3. Experience:
Proven experience (7 years) in information security with expertise in technical security systems security network security and/or application security.
Strong understanding of vulnerabilities exploit techniques and remediation methods.
4. Technical Expertise:
Knowledge of best practices in security engineering: security configuration baselines cryptography secure operations and incident response.
Expertise in using vulnerability management and policy compliance scanning tools.
Familiarity with security assessment methodologies and risk management processes.
Proficiency in performing security audits and reviews as well as incident investigations and forensics.
5. Soft Skills:
Strong communication skills with the ability to translate complex security concepts to nontechnical stakeholders.
Demonstrated leadership abilities with a track record of successfully managing security projects and working with crossfunctional teams.