Consultant at Box and Cedar

Job Description:

Job Duties / Responsibilities Accountabilities

• Responsible for finalising and delivering reports outlining test results and delivering presentations to technical management
• Develop and maintain methodologies and software tools to enhance the company infrastructure and web application security testing services
• Use security assessments as a mechanism to shape up security strategy for organisations in order to meet the challenges posed by evolving cyber threats
• Administration of various Information Security Management Systems (ISMS)
• Strategic consulting, including business plan and sales strategy
• Strategic consulting for clients on how to align IT goals with business goals and objectives
• Strategic consulting on enterprise architecture, Info Sec and Project management
• Providing on and off site consultancy support to clients in developing and implementing information security management processes and procedures
• Working autonomously with clients on PCI DSS certification projects as a PCI QSA
• Liaising with clients at all levels, presenting results and co-ordinating client work and requirements
• Conducting compliance and risk assessments, including completing PCI Report of Compliance (ROC) as the PCI QSA
• Documenting project plans, action plans, presentations and project results for clients
• Define and produce client policies, procedures, processes and other documentations as required
• Conduct mock audit/surveillance audit for clients as an ISO 27001 Lead Auditor
• Managing the PCI DSS project end to end for clients
• Performs security assessments/compliance for enterprises in various domains like banking, software development, retail, telecom, service providers, etc

Other Responsibilities

• Provide mentoring, coaching and direction setting to staff
• Providing independent advice on information security
• Identifying opportunities for business process improvements
• Effectively markets the company’s service, facilities and amenities
• Writing logical, comprehensive, concise reports and correspondence
• Perform other related duties as required

Minimum Qualification:

• Bachelor’s degree (preferably in computer science) or equivalent information security experience

Professional Qualifications

• Security certification such as CISSP, ISO 22301, ISO 27001, CISM, CEJ, LPT, CCSA, CHFI, ITIL etc.
• Other relevant certifications such as PMP

Knowledge & Skills

• An experiences Penetration Tester (External and Internal Penetration testing)
• Extremely technical in information security architecture/Penetration Testing
• Strong technical understanding of current security trends and solutions
• Infrastructure and Architecture analysis
• Risk management
• Awareness of IT Security Compliance (PCI DSS, Data Protection Act, ISO 27001)
• Process oriented, capable of documenting guidelines, policies and procedures
• Working knowledge on drafting security baseline
• Well versed with Data Identification and Classification concepts and methods
• Excellent interpersonal and teamwork capabilities
• Ability to work individually but also to collaborate in a virtual team, with partners and clients
• Intelligent, articulate and persuasive
• Experience with business continuity planning, auditing and risk management
• Change management, project management and planning skills
• Excellent oral, written and presentation skills

Job Type:
Full Time

Experience:
3-5 Years