Cybersecurity Consultant

Reference: Vrg_2425_057

Job title: Cybersecurity Consultant

Key Responsibilities:

- Assess and identify potential cybersecurity risks and vulnerabilities across clients’ IT environments using tools such as Nessus, Qualys, OpenVAS, and Rapid7 InsightVM.
- Provide comprehensive cybersecurity risk assessments and help organizations design strategies for risk mitigation.
- Advise clients on implementing and maintaining security best practices, including NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls.
- Configure and manage SIEM tools like Splunk, IBM QRadar, LogRhythm, and ArcSight for real-time monitoring, detection, and analysis of security events.
- Implement Intrusion Detection/Prevention Systems (IDS/IPS) using tools such as Snort, Suricata, Zeek, and TippingPoint to detect and mitigate malicious activities.
- Support incident response by utilizing tools like Metasploit, Burp Suite, Kali Linux, and OWASP ZAP to perform penetration testing, security assessments, and vulnerability exploitation.
- Design, implement, and optimize Identity and Access Management (IAM) solutions to ensure secure access controls, authentication, and authorization mechanisms.
- Advise on the implementation of Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM) solutions.
- Conduct thorough vulnerability scans and assessments using Nessus, Qualys, Rapid7 InsightVM, and other tools to identify weaknesses within the client’s environment.
- Perform penetration testing using tools like Metasploit, Kali Linux, OWASP ZAP, and Burp Suite to identify and exploit vulnerabilities.
- Develop strategies to remediate identified vulnerabilities and ensure continuous security improvements.
- Advise clients on compliance with industry standards and frameworks such as NIST Cybersecurity Framework, ISO/IEC 27001, and CIS Controls.
- Assist with ISO 27001 audits, NIST gap analysis, and CIS Controls alignment for clients to achieve compliance.
- Help clients design and implement effective Data Loss Prevention (DLP) strategies and tools.
- Act as a trusted advisor to clients, offering strategic insights into cybersecurity threats and best practices.
- Assist clients with the implementation of advanced security controls and measures in line with industry standards.
- Provide recommendations for continuous security improvements and effective governance processes.
- Help clients design and implement secure architectures based on Zero Trust principles and other security models.
- Guide clients through the configuration and deployment of cybersecurity tools such as RSA Archer, OneTrust, and other risk management and governance solutions.
- Implement, optimize, and maintain security technologies such as Intrusion Detection Systems (IDS), Firewalls, DLP solutions, and Vulnerability Management Tools.

Required Skills & Qualifications:

- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
- 4+ years of experience in cybersecurity consulting, specifically in risk management, security monitoring, and compliance.
- Proficient in working with SIEM tools like Splunk, IBM QRadar, LogRhythm, and ArcSight.
- Hands-on experience with IDS/IPS tools such as Snort, Suricata, Zeek, and TippingPoint.
- Solid understanding and experience with vulnerability management tools like Nessus, Qualys, Rapid7 InsightVM, and OpenVAS.
- Experience with IAM solutions, including MFA, SSO, and PAM systems.
- Expertise in conducting penetration testing and vulnerability assessments using tools like Metasploit, Kali Linux, OWASP ZAP, and Burp Suite.
- Experience with Data Loss Prevention (DLP) technologies and strategies.
- In-depth knowledge of security frameworks like NIST, ISO 27001, CIS Controls, and MITRE ATT&CK.
- Experience in implementing and maintaining compliance with industry standards and audits.
- Strong experience in risk management and governance using RSA Archer, OneTrust, or similar tools.
- Advanced scripting skills with Python, Bash, or PowerShell for automation and tool integration.
- Experience in designing and implementing Zero Trust Architecture.
- Familiarity with advanced security research and tool development.
- Employment Type: Full-time, Permanent [with Part-time and Fixed-term options available]

**Job Types**: Full-time, Fixed term contract

Schedule:

- Monday to Friday

**Education**:

- Bachelor's (preferred)

**Experience**:

- Cybersecurity Consultant: 3 years (preferred)

Application deadline: 27/05/2025
Reference ID: Vrg_2425_057