IT Security Consultant Job Description

An IT security consultant provides consultation on information security regulations and standards, such as PCI DSS, HIPAA, or NIST, to various audiences.

IT Security Consultant Duties & Responsibilities

To write an effective IT security consultant job description, begin by listing detailed duties, responsibilities and expectations. We have included IT security consultant job description templates that you can modify and use.

Sample responsibilities for this position include:

Set up and manage automated manual provisioning workflows
Have hands on experience and provide training and problem resolution support related to Fortify, WebInspect, BURP Suite PRO, SoapUI, Kali Linux
Selection, implementation, and operation of IT security tools
Involvement in IT projects to review security aspects
Heightening user awareness
Prepare and document SOPs and protocols
Ensure that the company is made aware immediately of security incidents
Develop automation scripts and handle/track incidents
Perform vulnerability testing, risk analysis and security assessments
Participate in the strategic design process to translate security and business requirements into processes and systems

IT Security Consultant Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for IT Security Consultant

List any licenses or certifications required by the position: CISSP, CISM, CISA, ITIL, RHSE, MCSE, CRISC, CAP, RSA, X.509

Education for IT Security Consultant

Typically a job would require a certain level of education.

Employers hiring for the IT security consultant job would most commonly prefer their future employee to have a relevant degree, such as a Bachelor's or College Degree in Computer Science, Engineering, Information Systems, Information Technology, Business, Education, Information Security, Technical, Graduate, Technology

Skills for IT Security Consultant

Desired skills for IT security consultant include:

PCI DSS
COBIT
ITIL
NIST CSF
Onboarding enterprise applications into various IAM tools
Regulatory requirements and industry standards
Active Directory and LDAP
Database
IT Risk management standards and disciplines
Forensic tools to identify anomalous and potentially malicious behavior

Desired experience for IT security consultant includes:

Able to use vulnerability assessment tools like HP WebInspect, HP Static Code Analyzer, or similar tools
Familiar with the OWASP Top 10
Able to write secure code
Certification on Certified Ethical Hacking, CISSP, License Penetration Testing, Secure coding
Has strong collaboration skills
Should have strong command of the English language both written and oral

IT Security Consultant Examples

1

IT Security Consultant Job Description

Job Description Example
Our growing company is hiring for an IT security consultant. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT security consultant
  • Assist in developing and managing an integrated risk framework for the company’s IT security risk philosophy, standards, and processes
  • Augment and maintain risk registers
  • Expand upon existing risk identification and management processes
  • Develop and implement Key Risk Indicators (KRIs) for IT
  • Document procedures and activities in a manner that is understandable to internal stakeholders and external auditing entities
  • Define the plan to identify and evaluate technology risks, internal controls which treat risks, and related opportunities for control improvement
  • Develop, implement, and enhance tracking processes in order to ensure adherence to IT standards regulatory and contractual compliance
  • Perform security risk assessments (SRA) according to the SRA framework and IS standards for both custom developed and third-party applications within the existing Infrastructure
  • Document identified IS risks to incorporate relevance and impact to enterprise systems, infrastructure and business process
  • Communicate effectively orally and in writing and express conclusions and recommendations in a clear, technically sound manner, understand and communicate how vulnerabilities can be exploited within technology and the enterprise environment in a manner that resonates with the business areas
Qualifications for IT security consultant
  • At least 6+ years of equivalent, hands-on IT security experience in large enterprise environments
  • Strong interpersonal communication skills (verbal and written) and strong emotional intelligence
  • Information Security Management Principles - Physical Security, Disaster Recovery, Access Controls, Authentication, Audit, Governance, Risk Management, Security Architecture, Cryptography, Systems Development and Business Continuity
  • A fundamental understanding of IT Systems and Services covering Virtualisation, Mainframes, Cloud Services, Hosting Services, Desktop
  • The ability to create high quality documentation such as Presentations, Risk Assessments, Reports and completing metrics and spreadsheets
  • Minimum of three to five years of overall direct IT audit experience performing hands-on information security risk assessments, vulnerability assessments through the incorporation of automated scanning and audit tools, performing IT General Controls in support of SOX 404 compliance, Application Controls and security audits
2

IT Security Consultant Job Description

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of IT security consultant. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for IT security consultant
  • Develop and maintain process, risk methodologies and SOP documentation
  • Researches and maintains knowledge base regarding Industry frameworks, best practices, information security issues, solutions and potential implications
  • Recognize any internal control weaknesses and lack of compliance with internal procedures and policies, which may result in inadequate, inefficient, or ineffective operations
  • The security engineer plays a key part in ensuring managed security services are rendered at the highest quality and standard
  • Communicate (oral and written) to senior management on risk management concepts, specific project risks and risk mitigation options / scenarios
  • Manage remediation requests
  • Create open relationships and communications with central services, business unit, local IT staff and users
  • Provide mentorship, recommendations, standard methodologies, for HIP/HID and vulnerability scanning operations, stabilize and optimize system performance, assist with upgrades and tech refreshes, installations and configuration
  • Define and implement technical and business requirements for data protection solutions
  • Lead different security projects in the EU in the following domains
Qualifications for IT security consultant
  • Experience with internal or external audit, information technology processes, accounting processes, risk assessments, business process reengineering, project management, and ERP packages preferred
  • Working knowledge and experience with analysis tools such as IDEA, Audit Control Language, and proficiency in Microsoft Access, Word, Excel, PowerPoint, and Visio preferred
  • Knowledge of the methods, techniques and processes to install, maintain and update firewall systems
  • Ability to host in-person teleconference meetings
  • Industry certification, CISSP or SANS
  • University coursework in Electrical Engineering, Computer Sciences, or a related area of studies is preferred
3

IT Security Consultant Job Description

Job Description Example
Our company is growing rapidly and is looking for an IT security consultant. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for IT security consultant
  • Oversee and manage the documentation of flaws into risk registry and track remediation activities
  • Collaborate with the global IT Risk and Security team to ensure the alignment on global delivery
  • Assist in the generation of metrics to drive the continuous improvement program and present current state of security status to management team Essential Business Experience and
  • Review and development of security framework, information security policies, processes / procedures and guidelines on an ongoing basis
  • Administer compliance with these policies / procedures through ongoing security reviews and audits, not limited to log analysis and security assessment of customer ICT systems
  • To conduct security risk management exercise
  • To manage vulnerability assessment and penetration tests
  • To conduct information security awareness training
  • Responsible for the development and management of customer’s security incident response plan
  • Point of contact to assist and advise customer for ICT security related matters
  • To be able to provide technical consulting and advice
Qualifications for IT security consultant
  • 3+ years hands on experience with security or administration of either systems (Windows/Linux) or network devices (routers/firewalls/switches)
  • Ability to integrate various data feeds into Splunk
  • Extensive knowledge of packet capture and analytics tools
  • Knowledge of the OWASP top 10 and related exploitation techniques, including but not limited to cross-site scripting, SQL injections, session hijacking and buffer overflows to obtain controlled access to target systems
  • Experience performing information security assessment work
  • Demonstrated ability to create complex comprehensive project reports with the ability to review and revise reports with peers
4

IT Security Consultant Job Description

Job Description Example
Our company is looking for an IT security consultant. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for IT security consultant
  • You consult and support the IT function regarding IT process, security management and governance standards
  • You initiate and facilitate the delivery of assurance by suppliers
  • You coordinate process and security assurance and compliance activities
  • You execute IT process and security maturity audits
  • You train and coach IT teams in using the IT security management and control process and practices
  • You contribute to the delivery and management of IT principles, process design, process implementation and process improvements
  • You contribute to the definition of the DSM ICT Corporate Requirements, Practices, and Baselines
  • You are responsible for designing and implementing the performance measurement framework for IT process and security management maturity
  • You ensure that IT solutions within the scope of the role are compliant to relevant corporate, security, validation and architecture requirements, and that deviations are dealt with promptly according to the defined procedures
  • Establish compliance with these policies / procedures through ongoing security reviews and audits, not limited to log analysis and security assessment of customer ICT systems
Qualifications for IT security consultant
  • Technical network
  • Must be willing to work in a 24x7 support environment with occasional on-call support
  • 3+ years of hands-on experience in Security Systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering
  • Experience with multiple information technology platforms (Microsoft, Linux, VMware, Cisco, Symantec)
  • Experience with SailPoint IIQ or comparable IAM platform strongly preferred
  • Skills in the definition and implementation of IT GRC Solutions, preferably based on RSA Archer
5

IT Security Consultant Job Description

Job Description Example
Our company is growing rapidly and is hiring for an IT security consultant. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for IT security consultant
  • Manage HIP/HID products, assist with upgrades and tech refreshes, installations and configuration
  • Define and implement technical and business requirements for data protection solutions, participate in project reviews
  • Troubleshoot HIP/HID issues, provide consultancy and engage vendor where applicable
  • Evaluate alternative security solutions and approaches
  • Security Advisory Management for both regular out-of-band security advisories
  • Management of Security Protection Devices such as IPSes, Firewalls and Load Balancers
  • Security Audit Management as a Central Coordinator, Driver, Activity Tracker and SPOC
  • Writing of Security Process & Policies
  • Conducting of Security Awareness Briefings
  • OS Hardening Management
Qualifications for IT security consultant
  • Experience with hosting in-person teleconference meetings
  • Excellent knowledge of Networking and Security infrastructure devices and applications
  • Experience with threat intelligence and 3rd party agencies such as ISACS, DHS/US-CERT
  • Strong experience with the use of ISO 27001 control framework and Information Security Management System (ISMS) implementation
  • General awareness and broad understanding of business process controls
  • Technical qualification an asset MCSE, CCNA, CCNP, CCSP
