YOTTABYTE (PVT) LTD
We are looking for a Senior Consultant – Cybersecurity / Governance
- Conduct cybersecurity assessments and audits using many different methodologies including HTRA, NIST , ISO , CMM maturity models.
- Develop governance frameworks, policies, standards and procedures.
- Provide technical expertise in the areas of network and application security.
- Understanding of common application vulnerabilities (e.g., OWASP top and networking (e.g. common layer 2 technologies, TCP/IP stack, routing) is required.
- Design and document security architecture and security zones for complex IT solutions and systems.
- Communicate with C-level (e.g., CIO) to provide advice and recommendations for CISO as a Service engagement.
- Produce detailed PowerPoint presentations for kickoff, summary of findings, executive presentations.
- Educate and communicate security requirements, policies, standards and procedures to business/internal stakeholders as it relates to projects and strategic initiatives.
- Research and improve your knowledge base of current technology advancements, trends and directions and identify the potential threats and exposures to clients.
- 7+ Years of cybersecurity experience.
- Experience with all domains of cybersecurity, including governance, identity and access management, monitoring, auditing, network security, application security, cloud, end-point protection, incident response, data encryption, disaster recovery.
- Familiarity with ISO /2 information security management system is mandatory.
- Familiarity with cybersecurity control baselines is required: ISO , NIST , CIS benchmarks Expertise in public cloud technologies: Azure, AWS, GCP is highly desirable.
- A bachelor’s degree in computer science, cyber-security or a related field.
- Certified Information Systems Security Professional (CISSP) accreditation is preferred.
- Strong knowledge on NIST Cybersecurity Framework (i.e., NIST and ISO/2 Standards.
- Certifications: CISSP, CISM, SSCP, Certified in Risks and Information Systems Control (CRISC), cloud security certifications, ISO lead auditor or implementer would be a plus.
- Business acumen and pragmatic approach to implementing security controls that balance cost benefit analysis and business impact is a must.
- Strong communication and presentation skills – Fluent in both, written and spoken English.
Job date: Thu, 03 Nov 2022 23:09:38 GMT