About the role
As a Cybersecurity Consultant, you are responsible for the development of strategy for our customers security architecture. You will also be responsible for keeping a client’s data suitably protected and free from the risk of cyber-attacks and related problems.
Responsibilities
- Within specific technical platform(s) be responsible for driving security improvement from design through delivery and into operations through good practices and representing the importance and business benefit of Cyber Security. Act as security evangelist and ‘mentor’ to the customer/business and development teams.
- Take the lead on finding technical Cyber Security solutions – drawing on your previous knowledge, self-learning and formal training. Embedding Secure-by-Design and Secure Development Life Cycle principles
- Ability to apply security principles and good practice to manage security and risk in cloud environments., e.g. authentication, role-based access, encryption
- Discuss and analyze requirements with business stakeholders, and design high quality seamless solutions, balancing Cyber Security versus /business value trade-offs.
- Work with multiple solution design options, and recommend the most appropriate solution considering business priorities, technical feasibility, return on investment and delivery timelines.
- Participate in work estimation, scope definition and delivery planning activities.
- Undertake security engineering in the Platform features and stories
Key qualifications and technical skills
- Experience of providing Technical consultancy within a Digital/Cloud setting.
- You should have experience of implementing vulnerability management and remediating security issues as they are found
- Experience with the application of threat modeling or other risk identification techniques and security best practices associated with containers, kubernetes and distributed systems.
- Proficient with ANY THREE of the Cyber Security Standards like ISO 27001/2, NERC, NIST, ISO 15408, ANSI / IEC 62443, GDPR, HIPAA, ISO/IEC 27032
- Application or software security certifications ONE or ALL are preferred, such as CISSP-ISSEP and/or CISSP-ISSAP, CEH, or OSCP, CSSLP, GIAC GWEB/GSSP-Java/GSSP-.NET, etc
- Hands on experience with ANY of the encryption (IPSEC, AES, GRE, IKE, MD5, SHA, 3DES), cryptographic standards, communication protocols, security standards and vulnerabilities
- Strong interest in Internet technologies (routing, switching and general network infrastructure) including technologies associated with the ISP and end customer i.e SDWAN, MPLS, WAN-Optimization Solutions.
- Good Knowledge of NGFW (Checkpoint/Cisco), Firewall Assurance, Load Balancer (F5/Radware/Kemp), Encryption, WAF, DDoS etc.
- Good Knowledge on Advance security like SIEM, (ArcSight, Splunk, DNIF), SOAR, DNS Security, Security Analytics, NAC, DRM, Identity and Access Management, Cloud Security, Vulnerability Management and Data Protection Solutions.
- Knowledge of Infosec, ISO 27001, GDPR, PCI-DSS Processes etc.
- Knowledge of IPv4 ,IPv6,OSPF,BGP etc.
- Certification like CISSP,CCSP,CEH will be an added advantage,
- 5+ Years of exp. specially in Designing Solution in Networking/Security, Infra & Application Domain. Designing HLD/LLD as per requirement
Soft skills
- Excellent written and verbal communication skills with customer stakeholders and
- interpersonal skills at both a technical and non-technical level
- Ability to manage conflicting priorities and multiple tasks
- Proven ability to work and effectively prioritize in a dynamic, collaborative and decentralized work environment
- High attention to detail