Job Description

Reference: Vrg_2425_057

Job title: Cybersecurity Consultant

We are seeking a Cybersecurity Consultant for a future role. We are looking for an experienced Cybersecurity Consultant to join our team. This role is focused on helping organizations identify, assess, and mitigate cybersecurity risks while ensuring compliance with industry standards and frameworks. The successful candidate will have expertise in various SIEM tools, Intrusion Detection/Prevention Systems (IDS/IPS), vulnerability management, Identity and Access Management (IAM), and other security technologies.

Key Responsibilities:

Assess and identify potential cybersecurity risks and vulnerabilities across clients' IT environments using tools such as Nessus, Qualys, OpenVAS, and Rapid7 InsightVM. Provide comprehensive cybersecurity risk assessments and help organizations design strategies for risk mitigation. Advise clients on implementing and maintaining security best practices, including NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls. Configure and manage SIEM tools like Splunk, IBM QRadar, LogRhythm, and ArcSight for real-time monitoring, detection, and analysis of security events. Implement Intrusion Detection/Prevention Systems (IDS/IPS) using tools such as Snort, Suricata, Zeek, and TippingPoint to detect and mitigate malicious activities. Support incident response by utilizing tools like Metasploit, Burp Suite, Kali Linux, and OWASP ZAP to perform penetration testing, security assessments, and vulnerability exploitation. Design, implement, and optimize Identity and Access Management (IAM) solutions to ensure secure access controls, authentication, and authorization mechanisms. Advise on the implementation of Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) solutions. Conduct thorough vulnerability scans and assessments using Nessus, Qualys, Rapid7 InsightVM, and other tools to identify weaknesses within the client's environment. Perform penetration testing using tools like Metasploit, Kali Linux, OWASP ZAP, and Burp Suite to identify and exploit vulnerabilities. Develop strategies to remediate identified vulnerabilities and ensure continuous security improvements. Advise clients on compliance with industry standards and frameworks such as NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls. Assist with ISO 27001 audits, NIST gap analysis, and CIS Controls alignment for clients to achieve compliance. Help clients design and implement effective Data Loss Prevention (DLP) strategies and tools. Act as a trusted advisor to clients, offering strategic insights into cybersecurity threats and best practices. Assist clients with the implementation of advanced security controls and measures in line with industry standards. Provide recommendations for continuous security improvements and effective governance processes. Help clients design and implement secure architectures based on Zero Trust principles and other security models. Ensure that security by design principles are integrated into all stages of system and application development. Work with cross-functional teams to design security controls in infrastructure, applications, and cloud environments. Guide clients through the configuration and deployment of cybersecurity tools such as RSA Archer, OneTrust, and other risk management and governance solutions. Implement, optimize, and maintain security technologies such as Intrusion Detection Systems (IDS), Firewalls, DLP solutions, and Vulnerability Management Tools.
Required Skills & Qualifications:

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field. 4+ years of experience in cybersecurity consulting, specifically in risk management, security monitoring, and compliance. Proficient in working with SIEM tools like Splunk, IBM QRadar, LogRhythm, and ArcSight. Hands-on experience with IDS/IPS tools such as Snort, Suricata, Zeek, and TippingPoint. Solid understanding and experience with vulnerability management tools like Nessus, Qualys, Rapid7 InsightVM, and OpenVAS. Experience with IAM solutions, including MFA, SSO, and PAM systems. Expertise in conducting penetration testing and vulnerability assessments using tools like Metasploit, Kali Linux, OWASP ZAP, and Burp Suite. Experience with Data Loss Prevention (DLP) technologies and strategies. In-depth knowledge of security frameworks like NIST, ISO 27001, CIS Controls, and MITRE ATT&CK. Experience in implementing and maintaining compliance with industry standards and audits. Experience with cloud security solutions and cloud-native application security. Strong experience in risk management and governance using RSA Archer, OneTrust, or similar tools. Advanced scripting skills with Python, Bash, or PowerShell for automation and tool integration. Experience in designing and implementing Zero Trust Architecture. Familiarity with advanced security research and tool development. Employment Type: Full-time, Permanent [with Part-time and Fixed-term options available]
Job Types: Full-time, Fixed term contract

Schedule:

Monday to Friday
Education:

Bachelor's (preferred)
Experience:

Cybersecurity Consultant: 3 years (preferred)
Application deadline: 27/05/2025
Reference ID: Vrg2425057