Information Security Consultant Job Description

Information Security Consultant Job Description Template

Our company is looking for a Information Security Consultant to join our team.

Ensuring alignment with the latest regulations and compliance requirements, such as GDPR, ISO27001, CyberEssentials, etc;
Assisting and educating colleagues and technical teams regarding new security products and procedures;
Recommending security enhancements and providing technical security advice;
Responding to security-related incidents and providing thorough post-event analysis;
Monitoring the networks for security breaches and investigating violations when they occur;
Performing vulnerability and network scanning assessments and penetration testing;
Advising on policies and procedures;
Advise on information security risks in infrastructure, process and project implementations;
Discuss and enhance security state to key stakeholders;
Closing off actions on risk assessment recommendations;
Advise on potential threats and vulnerabilities recommending mitigating actions;
Assist with projects and business change initiatives.

Familiarity using industry standard tools for security testing;
Practical knowledge of security threats, risks and controls;
Security concepts relating to SSL, DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies;
Secure coding practices, ethical hacking and threat modelling;
DLP, SIEM and anti-malware tools;
GDPR and compliance assessments;
ISO 27001/27002/27017/27018, ITIL and COBIT frameworks;
TCP/IP, computer networking, routing and switching;
Cloud technologies, AWS;
Knowledge of security governance, policies and security frameworks such as – ISO27001, NIST, PCI DSS;
Firewall and intrusion detection/prevention systems;
Good written and verbal communication skills, including report writing and presentation skills;
Auditing and risk assessment methodologies;
Penetration and vulnerability testing techniques and tools.