CONSULTANT, IT SECURITY

-

Job Purpose

Perform IT security compliance and monitoring efficiently, in timely manner and quality standards as per the defined policies and procedures to achieve departmental operational plans and developments within wider scope. Monitoring existing and potential cybersecurity threats. Collecting and analyzing raw data from networks, sorting and filtering data, and producing accurate and timely intelligence reports that help tackle cyber threats.

Key Accountability Areas

DevSecOps:

• Expertise managing large scale applications.
• Deep experience with CI/CD, DevOps development automation.
• Experience with Lean product development and agile software development principles and process
• Convey complex technical security concepts to technical and non-technical audiences including executives.
• Strong knowledge of OWASP Top 10 web and the ability to effectively communicate methodologies and techniques with development teams.
• Ability to automate DAST/SAST solutions and reporting.
• Support SDLC and agile environments with application security testing and source code reviews.
• Provide technical leadership and advise to junior team members on attack and penetration test engagements.
• Develop automated solutions that mitigate risks throughout the organization.
• Understanding of TCP/IP network protocols.

IT Monitoring: 

• Analyze and monitor emerging cyber threats, attack techniques, and vulnerabilities to keep the organization informed and prepared..
• Monitor security events and incidents to identify patterns, indicators of compromise (IOCs), and tactics, techniques, and procedures (TTPs) used by threat actors.
• Investigate and analyze phishing campaigns to identify potential targets, attack vectors, and malicious infrastructure
• Monitor underground forums and marketplaces on the dark web to identify potential threats and activities targeting the organization

IT Security Governance: 

• Develop any required IT security procedures.

IT Risk Management:

• Provide feedback for identified IT risk during annual risk assessment, periodic reviews and any ad-hoc reviews.
• Support IT Risk consultant in establish KPIs and KRIs.

IT Business Continuity: 

• Support IT business continuity process with inputs for IT security recovery.
• Support establishing KPIs and KRIs IT security recovery.
• Take part in IT business continuity in relation to IT security recovery.

IT Security Consultancy:

• Review and provide guidance to GIT teams and business staff for IT security matters.

Role Accountability

HR Proficiency:

• Ability to obtain updated soft and technical skills related to the job

Delivery:

• Perform the planned activities to meet the operational and development targets as per delivery schedules.
• Utilize resources effectively to achieve objectives within efficient cost and time.
• Provide a periodic report formatted by detailing the deviation and execution of planned tasks.

Problem-Solving:

• Solve any related problems arise and escalate any complex operational issues.

Quality:

• Ensure quality requirements to develop effective quality control and processes including specifications for products or processes or related activities.

Business Process Improvement:

• Coordinate well-defined written systems, policies, procedures, and seek automations opportunities as much as possible.

Compliance:

• Comply to related policy and procedures and work instructions.

Health, Safety, and Environment:

• Ensure compliance of relevant safety, quality, and environmental management procedures and controls within defined area of work activity to guarantee safety, legislative compliance, and delivery of high-quality products/services.

Academic Qualification
Bachelor Degree in Computer Science or Any relevant field


Work Experience
4 to 6 Years


Technical / Functional Competencies
Configuration Management
Cryptography/Encryption
Event Monitoring/Log Analysis
Fault Diagnosis/Isolation/Detection
Penetration Testing
Vulnerability Assessments
Security Troubleshooting