Information Security Consultant Job Description Template
Our company is looking for an Information Security Consultant to join our team.
Responsibilities:
- Ensuring alignment with the latest regulations and compliance requirements, such as GDPR, ISO27001, CyberEssentials, etc.;
- Assisting and educating colleagues and technical teams regarding new security products and procedures;
- Recommending security enhancements and providing technical security advice;
- Responding to security-related incidents and providing thorough post-event analysis;
- Monitoring the networks for security breaches and investigating violations when they occur;
- Performing vulnerability and network scanning assessments and penetration testing;
- Advising on policies and procedures;
- Advising on information security risks in infrastructure, process and project implementations;
- Discussing the security state with key stakeholders and enhancing it;
- Closing off actions on risk assessment recommendations;
- Advising on potential threats and vulnerabilities and recommending mitigating actions;
- Assisting with projects and business change initiatives.
Requirements:
- Familiarity with industry-standard tools for security testing;
- Practical knowledge of security threats, risks and controls;
- Security concepts relating to SSL, DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies;
- Secure coding practices, ethical hacking and threat modelling;
- DLP, SIEM and anti-malware tools;
- GDPR and compliance assessments;
- ISO 27001/27002/27017/27018, ITIL and COBIT frameworks;
- TCP/IP, computer networking, routing and switching;
- Cloud technologies, AWS;
- Knowledge of security governance, policies and security frameworks such as ISO27001, NIST and PCI DSS;
- Firewall and intrusion detection/prevention systems;
- Good written and verbal communication skills, including report writing and presentation skills;
- Auditing and risk assessment methodologies;
- Penetration and vulnerability testing techniques and tools.