Infrastructure Security consultant Infrastructure
Our client is a global leading information security company and currently growing its Risk Management & Governance team. This is a position that our client relies upon to deliver standard projects. Security Consultants are expected to be capable of running projects and working around obstacles to meet customer expectations. Qualified candidates should have the technical and soft skills needed to act as members of various project teams and deliver more complex projects in a supporting role. Security Consultants need to be able to understand and explain findings and recommendations based on both technical and business criteria.
• 4-year degree or equivalent experience- mandatory
• Professional services/consulting experience- preferred
• Relevant certifications from certifying bodies include:
• IAPP – Certified Information Privacy Professional
• ISACA – CGEIT, CISA, CISM, CRISC, CSX
• CSA –CCSK
• ISC2 – CCSP, CISSP, HCISPP, SSCP
• SANS – GCCC, GISP, GSNA
• BSI – ISO 27001 Lead Auditor, Lead Implementor
• PCI SSC – QSA, PA-QSA, P2PE-QSA, PA-QSA
• HITRUST – CSF Practitioner, CSF Assessor
Required Technical Competencies (including, but not limited to):
• Compliance Assessment Standards;
• HIPAA – HITRUST, NERC CIP, PCI DSS, FedRAMP, SSAE 18 SOC / ISAE 3402
• Physical Security Assessment
• Threat & Risk Assessment
• Security and Compliance Frameworks;
• COBIT, ISO/IEC 27001, NIST CSF, NIST SP800-53
GRC + PCI (QSA)- Information Security Consultants GRC
Consulting and Advisory Services- Conducting gap analyses and assessments related to multiple information security frameworks. Creating professional reports for our clients that detail assessment findings.
• experience with ISO 27001, PCI DSS, OCC/FFIEC, SOC 1/2 and SSAE, SAS70, and COBIT is a plus
• proven experience in development (.NET ,PHP ,JAVA) – Must – Experience in the field of information Security – advantage.
• Independent learning & management capabilities
• Multi-tasking capabilities
• Ability to write a client reports
• Excellent verbal and written English
• Excellent writing, communication and leading skills.
• Relevant certifications in the domain (CISM, CISSP, etc.) – advantage