Role & Responsibilities:
- Implement information / IT security engagements for clients
- Provide delivery expertise on information security projects. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).
- Experience in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.
- Identify best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their Information Security staff.
- Gain understanding of key customer issues and help create proposals as required.
- Build own knowledge and competency in cyber security and gain alignment and understanding of at least one industry.
Qualifications:
- Degree in any discipline and/or MBA from a recognised institution; IT Degree preferred.
- Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.
- Good overall understanding of IT.
- Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC 27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, GPIS1, etc.
- Good technical knowledge on at least one of the following areas:
- Data Security, Privacy, Classification and Data Loss Protection.
- IT Disaster Recovery Planning and Business Continuity Management.
- Network security architecture, management and controls including firewall, routers, IPS etc.
- Threat Intelligence & Advanced Persistent Threats (APT).
- Security Strategy and Roadmaps.
- Security Policy, Standard and Framework.
- Information Security Management Systems.
- Log Management and SIEM.
- Identity and access management solutions and implementation.
- Cloud security.
- Familiarity and experience in security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, GPIS1, PCI-DSS, etc.)