Security Consultant
Job Summary
The Security Consultant will be responsible for providing both technical and non-technical guidance on security-related matters for the organization. This role involves assessing security risks, developing security controls, and implementing solutions to protect the organization's digital assets and infrastructure. The Security Consultant collaborates with internal teams and clients to understand their business requirements while balancing security needs. They will conduct security assessments and deliver recommendations to improve the organization's security posture. Additionally, they stay updated on the latest security trends and technologies to provide proactive and effective security consulting services.
Key Responsibilities
· Strategic planning for IT security investments and technology adoption to maximize effectiveness of IT security controls against rapidly evolving threats
· Develop and maintain common standards, methodologies and best practices for security management to ensure IT systems are designed with due considerations for security
· Provide consultancy and advice on IT security architecture and design considerations to IT project teams
· Lead in the design and implementation of IT security platforms and their associated software which may include access control solutions, identity and access management platforms, data protection technologies, anti-malware, vulnerability management, security monitoring and compliance tools
· Perform security review of IT system
· Ensure security best practices and compliance standards are implemented on IT system
· Liaise with internal and external stakeholders on cyber security issues to keep everyone abreast of expectations, project/issue status and completion
· Track and analyze IT security metrics for optimal effectiveness and benchmarking
What we are looking for
Requirements:
· Background in Engineering or Computer Science
· 8 or more years of working experience in IT Security
· Relevant certifications in networking or cyber security, e.g. CISSP, CISM, CISA, CRSIS preferred
· Experience with DevSecOps methodologies and processes preferred
· Experience in security architecture of cloud native applications preferred
· Experience in providing security advisory and consultancy on application and services, including the design, development, implementation and/or management of the system
· Understanding of CI/CD tools
· Experience with security tools and technologies, such as Security Information and Events Management, Data Loss Prevention, Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, Intrusion Prevent etc