Senior Security Consultant

Overview

Job Title: Senior Security Consultant

Responsibilities

Audit Planning and Execution:

Develop and execute comprehensive security audit plans to assess the effectiveness of information security controls and processes.

Conduct risk assessments and identify areas of vulnerability, providing recommendations for improvement.

CERT-IN experience on Internal Audits and Gap Assessments.

Compliance Assessment:

Evaluate the organization's compliance with relevant regulations, standards, and industry best practices.

Stay abreast of changes in regulatory requirements and ensure audit processes align with evolving compliance landscapes.

Technical Security Assessment:

Perform technical security assessments, including penetration testing, vulnerability assessments, and configuration reviews.

Collaborate with IT and security teams to identify and remediate security vulnerabilities.

Security Awareness and Training:

Develop and deliver security awareness and training programs for employees to enhance the organization's security posture.

Collaborate with HR and training teams to ensure effective dissemination of security knowledge.

Vulnerability Assessment-Pen Testing (VA/PT):

Experience vulnerability assessment & penetration testing is to identify and evaluate vulnerabilities in a system, network, or application and hands-on with simulate real-world attacks on a system to identify and exploit vulnerabilities.

Mobile Device Management:

Device Provisioning , Security Policies, Application Management, Remote Management, Data Protection and Over-the-Air (OTA) Updates for the Mobile Device enablement of Security features.

Policy Review and Development:

Review and analyze security policies, procedures, and guidelines.

Provide recommendations for enhancing or developing security policies to address emerging threats and technologies.

Incident Response Testing:

Conduct simulations and exercises to test the effectiveness of incident response plans.

Provide feedback and recommendations for improving incident response capabilities.

Documentation and Reporting:

Document audit findings, recommendations, and remediation plans.

Prepare and present comprehensive reports to management and stakeholders, highlighting areas of concern and improvement.

Qualifications

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
• Professional certifications such as CISSP (Certified Information Systems Security Professional) , CISM ( Certified Information Security Manager, CISA (Certified Information Systems Auditor), or equivalent.
• Proven experience in security auditing, VAPT, Code Security, Risk assessment, and compliance management

Skills

• Strong understanding of information security principles, best practices, and standards.
• Expertise in conducting technical security assessments, including penetration testing and vulnerability assessments.
• Excellent knowledge of relevant regulations and compliance frameworks.
• Analytical and critical-thinking skills with the ability to assess complex security environments.
• Strong communication skills, including the ability to convey technical information to non-technical stakeholders.

Experience

• Typically, 12+ years of experience in information security, with a focus on security auditing and compliance.
• Experience in leading and managing security audit projects.