We are looking for an experienced Senior Information Security and Compliance Consultant to join our team. As a Security Consultant, you will be responsible for delivering a range of information security consulting services to our clients. You will work closely with clients to identify and assess security risks, develop effective security strategies and solutions, and implement security controls to protect their sensitive information. In addition, you will lead compliance with SOC 2, NIST CSF, ISO 27001 or relevant security standard requirements.
Responsibilities:
- Conduct security assessments and risk analysis for clients to identify potential security risks and vulnerabilities.
- Develop and implement security strategies and solutions that align with clients’ business objectives and cyber risk reduction, and meet their security requirements.
- Lead the information security and compliance transformation program to help clients achieve relevant security compliance standards and best practice.
- Design security controls to enable security transformation with zero-trust architecture and risk reduction principles.
- Conduct security audits to ensure compliance with regulatory requirements, industry best practices, ISO 27001, NIST CSF and SOC 2 requirements.
- Ensure that clients adhere to relevant laws, regulations, and industry standards related to information security. This may involve developing and implementing compliance programs.
- Project manage security transformation and penetration testing activities and ensure that clients’ systems and applications are thoroughly tested for vulnerabilities.
- Develop and deliver training programs to educate clients on information security best practices.
- Provide guidance on the design and implementation of secure information systems, networks, and applications, ensuring that security measures are integrated into the architecture.
- Act as a proactive subject matter expert on information security and provide guidance and advice to clients and colleagues.
- Support the design and delivery of AMARU’s security services at a global scale.
- Support and manage AMARU’s security operations services delivered to clients.
- Mentor junior security consultants when needed.
Qualifications:
- Deep understanding and experience in implementing any of the following security standards: SOC 2, ISO 27001 and NIST CSF.
- Excellent communication and presentation skills, with the ability to communicate complex security concepts to technical and non-technical audiences.
- 6+ years of experience in information security consulting, with a proven track record of successful project delivery.
- Relevant information security certifications such as ISO 27001 Lead Implementer, CISSP, CISM, CRISC or others.
- Deep understanding of cloud security and project assurance.
- Strong analytical and problem-solving skills, with the ability to identify and assess security risks and develop cost-effective and practical solutions.