Overview
We are seeking a skilled and experienced IT Security Consultant to join our cybersecurity team. The IT Security Consultant will be responsible for assessing, designing, implementing, and maintaining security solutions to protect our organization's information systems and data assets. The ideal candidate will have a deep understanding of cybersecurity principles, risk management, compliance requirements, and hands-on experience with security technologies. This role requires strong analytical skills, attention to detail, and the ability to collaborate effectively with stakeholders to mitigate security risks and ensure the confidentiality, integrity, and availability of our IT systems.
Roles And Responsibilities - Security Assessment and Planning:
- Conduct comprehensive security assessments, including vulnerability assessments, penetration testing, and risk assessments, to identify and prioritize security vulnerabilities and risks.
- Analyze security requirements, evaluate current security posture, and develop strategic security plans and roadmaps to address identified gaps and mitigate risks.
- Security Implementation and Configuration:
- Design, configure, and deploy security solutions and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, and secure authentication mechanisms.
- Implement security best practices and standards (e.g., ISO 27001, NIST Cybersecurity Framework) across systems, networks, and applications to enhance security posture.
- Incident Response and Management:
- Develop and maintain incident response plans and procedures to effectively detect, respond to, and recover from security incidents and breaches.
- Lead incident response activities, including investigation, containment, eradication, and recovery, collaborating with cross-functional teams to minimize impact and prevent recurrence.
- Security Monitoring and Compliance:
- Establish and maintain security monitoring tools and systems to detect and respond to security threats and vulnerabilities in real-time.
- Conduct regular security audits, compliance assessments, and regulatory reviews to ensure adherence to industry standards and legal requirements.
- Security Awareness and Training:
- Provide security awareness training and education programs to raise awareness among employees about cybersecurity threats, best practices, and policies.
- Promote a culture of security awareness and compliance throughout the organization through workshops, seminars, and communications.
- Documentation and Reporting:
- Document security incidents, investigations, findings, and remediation actions taken for reporting and regulatory compliance purposes.
- Prepare and present security assessment reports, risk assessments, and recommendations to management and stakeholders.
Compensation
- Competitive base salary commensurate with experience and qualifications.
- Performance-based bonuses or incentives tied to project success, security incident response effectiveness, and risk mitigation.
- Comprehensive benefits package including health insurance, retirement plans, and professional development opportunities.
- Potential for career growth and advancement within the organization based on performance and contributions.