Consultant, Cyber Security Job Description
Consultant, Cyber Security Duties & Responsibilities
To write an effective consultant, cyber security job description, begin by listing detailed duties, responsibilities and expectations. We have included consultant, cyber security job description templates that you can modify and use.
Sample responsibilities for this position include:
Consultant, Cyber Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Consultant, Cyber Security
List any licenses or certifications required by the position: CISSP, SANS, CISA, ITIL, CEDS, RCA, ISO27001, CISM, CEH, MCSE
Education for Consultant, Cyber Security
Typically a job would require a certain level of education.
Employers hiring for the consultant, cyber security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and College Degree in Computer Science, Information Security, Information Technology, Education, Engineering, Computer, Business, Technical, Military, Cyber Security.
Skills for Consultant, Cyber Security
Desired skills for consultant, cyber security include:
Desired experience for consultant, cyber security includes:
Consultant, Cyber Security Examples
Consultant, Cyber Security Job Description
- Work collaboratively as part of the Technology Services and Solutions practice team and across the Defence market teams
- Provide a variety of services related to internal control, risk management, IT controls and related standards (Sarbanes-Oxley, FISCAM, FISMA, NIST, COBIT)
- Become familiar with clients' business environment and basic risk management approaches
- Use technology-based tools or methodologies to review, design and/or implement products and services
- Participate in mentoring relationships within practice
- Offers subject matter expertise and guidance to Desktop Support Technicians specific to the endpoint protection technologies and malware remediation
- Provides technical and/or analytical support to solve a wide range of complex issues/problems
- Support the development of technical standards and guidance related to access control, governance / risk management, privacy / data protection, configuration management, and continuous monitoring in alignment with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Revision 4
- Provide risk assessments based on research and stakeholder interviews
- Perform Information Assurance and risk mitigation
- Understanding of application and network security frameworks and control principles
- Fluency in English and Polish in speaking and writing
- Ability to communicate business and technical risk to all levels of audience
- Configuration Review
- Basic experience in testing and securing applications and infrastructure, finding vulnerabilities and exploit code development
- Understanding of basic application and network security frameworks and control principles
Consultant, Cyber Security Job Description
- Be responsible for the continued management of Information Security risk
- Security assessment and sign-off of new developments as part of the release management process
- Continuously review and update the ISO27001 Information Security Management System (ISMS)
- Key stakeholder management both internally and externally
- Cyber Security - Security monitoring and operations, application security and infrastructure security
- Cloud Security and DevSecOps – Architecting, reviewing and implementing secure solutions in quickly evolving cloud-based and DevOps environments
- Digital Identity - Implementing solutions for the transformation and optimization of our clients’ Identity and Access Management (IAM) processes, technologies and organization
- GDPR - Reducing the risk of a personal data breach by helping clients identify and implement the necessary security measures to get GDPR ready
- Active engagement and management of partners in delivery of customer engagements
- Develop new offers in accordance with the Cyber Security practice strategy
- Understanding of technical security components, application, host, and network security
- 5+ years of cyber security experience including evaluating assessment and authorization procedures and processes
- Possession of an active DoD 8570.01 Approved Baseline Certification (IAT, IAM, or IASAE)
- Advantage with professional certifications
- Fluent spoken English, Cantonese and Mandarin (preferred)
- Good knowledge of IT Security
Consultant, Cyber Security Job Description
- Serving as a FISMA specialist, providing process and technical guidance on Assessment and Authorization
- Key member of project team responsible for performing direct and/or indirect assessments to support client cyber security program
- Collect, consolidate and analyze complex business and technical requirements from key constituents
- Contribute to predictive analysis of malicious activity
- Develop cyber intelligence threat analysis involving actual and alleged instances of information collection
- Provide Cyber Security advice and guidance for clients in ‘business as usual’, technical refresh and new project environments
- Be able to apply technical knowledge, with creative and innovative thinking in a broad range of complex and non-routine contexts
- Perform Cyber Security risk assessments and determine the most cost-effective deployment of security controls and solutions in line with the business risk appetite to protect information assets from loss, misuse, leakage or corruption
- Create client Cyber Awareness policies and procedures to meet corporate and regulatory requirements and standards
- Governance – review governance frameworks that support business processes and determine whether effective monitoring of these is in place
- Energetic, dynamic, honest, driven with advanced business acumen
- Enterprise Security Framework, penetration testing, application security review)
- Science related Bachelor's or Master's degree with a GPA of 3.0 or above (US) or First Class/2nd Upper Honours (Singapore)
- Subject matter expertise experience configuring IT/OT equipment (Cisco, EMC, …)
- Strong understanding of information security (and/or related discipline Privacy) industry and profession maturity and of Cyber Security trends and developments
- Well developed presenting skills at conferences or presenting to analysts
Consultant, Cyber Security Job Description
- Risk - review if sustainable and repeatable risk management programs are in place
- Compliance - conformance with formalised requirements and standards driven by government, contractual or internal requirements
- Perform detailed technical analysis of Industrial Control Systems (ICS) and cyber security controls
- Identify cyber security gaps and recommend mitigations to address gaps
- Conduct critical electric infrastructure vulnerability assessments for both compliance and security purposes
- Perform detailed post-event analysis of cyber events, and direct needed incident response procedures
- Resolve technical issues considering business impact, and be able to communicate issue resolutions to IT and OT organizations
- Execute the planning, design, development and implementation of technical controls, procedures and policy associated with compliance to NERC CIP regulatory requirements and NIST cyber security guidance
- Develop policies & procedures, secure process control network design, technical and design recommendations for the implementation of firewalls and other network security and compliance controls
- Facilitate collaboration and development of new products within accounts
- The successful candidate will be a knowledgeable, enthusiastic and conscientious individual who has the relevant defence contextual knowledge and cyber security experience
- Leading the delivery of Cyber Vulnerability Investigation (CVI) projects across UK defence systems and organisations in accordance with industry and MOD requirements
- Leading an enterprise level systems engineering approach to all cyber resilience projects, delivering an enterprise level output on behalf of clients
- Leading cyber resilience risk assessment projects to support the establishment of a risk picture, leading to the proposal of appropriate measures to mitigate client’s cyber risks
- Understand, manage and deliver a range of assessment tools and techniques, such as Maturity Models (MM), threat assessments and penetration testing to underpin the derivation of evidence in CVI and High level assessments
- Experience working in defence intelligence and C4ISR related work areas
Consultant, Cyber Security Job Description
- Assume a lead role when team lead and/or manager is unavailable
- Be available to provide on call support on a rotational basis
- Performing mid and large IT and information security risk and compliance assessments, PCI engagements, audits, gap analyses, and remediation
- Actively lead projects in the areas of PCI-DSS and PA-DSS
- Develop customized policies, procedures and controls, disaster recovery plans and technical documentation for applications, systems and infrastructure
- Possess an in-depth knowledge of IT security and various frameworks (i.e. CobiT, NIST, ISO)
- Experience in managing policy exceptions, including working directly with the teams to document exceptions, identify compensating controls and remediation action plans
- Drive SDL across ITS and business segments, for internal and externally facing applications, including Ecommerce sites, Mobility (Android, Apple iOS), and legacy applications
- Source code analysis and remediation using Fortify
- Firewall policy evaluation, review, and design
- Understanding of security fundamentals in relation to basic information security domains
- Basic experience in implementing security controls in different environments (on premise, virtualized, digital services) on different levels (process, technical)
- An ability to influence and communicate with all levels of stakeholder including senior stakeholders and junior staff
- Experience of general consulting skills (soft skills, structured thinking, effective report writing and presentations, and stakeholder engagement)
- Experience operating in dynamic and technical environments characterised by lots of uncertainty
- Central Government experience is highly desirable, particularly in the Defence agencies