Sr. Information Security Consultant
We are seeking a highly motivated and skilled Sr. Information Security Consultant to join our team. As a Sr. Information Security Consultant, you will lead engagements, maintain client relationships, and provide expert insights on cybersecurity frameworks, cloud security, and emerging technologies.
Job Title: Sr. Information Security Consultant
Designation: Sr. Information Security Consultant
Reports to: Chief Information Security Officer (CISO)
Location: Remote
Shift: Standard (09:00 AM to 06:00 PM) from Monday to Friday
Position Overview
We are seeking a highly motivated and skilled Sr. Information Security Consultant to join our team. As a Sr. Information Security Consultant, you will responsible for leading and driving engagements from inception through completion. You will cover a wide range of engagements in addition to their subject matter expertise, including, but not limited to, cybersecurity frameworks, offensive tactics, regulations, standards, cloud security, emerging technologies, applications and general best practice assessments. Also, you will report on the state of risk for security and business leadership and maintain transparency to convey an understanding of where risk resides and where improvements need to be made.
Roles and Responsibilities
- Conduct comprehensive market research to understand the current state of the Nepali cyber security market. Identify market trends, challenges, and opportunities to productize security services with the combination of consultative engagements and technology tooling solutions.
- Build strong relationships with vendors and partners, negotiate competitive pricing, stay informed about product updates, and collaborate closely to address customer inquiries and technical support.
- Develop sales strategies, present and demonstrate security service offerings, generate leads, convert opportunities into successful deals, oversee technical implementation, and maintain consistent customer engagement and collaboration.
- Develop sales strategies, present and demonstrate security service offerings, generate leads, convert opportunities into successful deals, oversee technical implementation, and maintain consistent customer engagement and collaboration.
- Create innovative security awareness campaigns using solution providers and custom-developed tools designed to be flexible and adaptable across a diverse employee population (executives, engineering, sales, finance, customer service, etc.).
- Coordinate advanced technical engagements ranging from, but not limited to, information security risk assessments, cloud security assessments/implementation, penetration testing, application security, business continuity, security training, third parties and compliance reviews.
- Maintain positive client relationships and ensure timely delivery and clear communication.
- Lead process from scoping through report deliverables, and be readily available for post-engagement questions.
- Identify deficiency gaps pertaining to industry best practices and business impact analysis.
- Compile highly technical report data ranging from vulnerability and penetration testing assessments, application and defensive controls (cloud security, endpoint, network, data protection).
- Document findings, propose remediation requirements and recommendations, and communicate results with leadership.
- Outline tactical and strategic guidance to help clients improve their security practice and achieve goals.
- Highlight risk reduction steps to be implemented and maintained through policies, procedures, frameworks and technical controls.
- Identify strengths and weaknesses in the program as they relate to privacy, security, architecture, business resiliency and compliance frameworks.
- Recognize and escalate client concerns to consultancy leadership before issues arise and impact work.
- Remain flexible, adapt to the client’s changing needs, and be willing to revise engagement as needed.
- Upon request, be willing to travel to meet the client’s engagement requirements.
- Professional accountability to remain educated on regulatory requirements, adversary tactics and industry best practices.
- Share lessons and takeaways from engagements to improve practice competencies.
- Openly supports the organization, management and executive leadership team always.
- Perform other duties as assigned.
Skills and Qualifications
- Task Related skills and Certifications
- Bachelor’s degree in Computer Science, Information Technology, or a related field.
- Five to seven years, or more, of cybersecurity and IT practitioner experience.
- Three or more years of cybersecurity consulting and risk management experience.
- Preferable to have one or more of the following: CRISC, CISSP, CISM, CISA, QSA, GSEC, OSCP.
- Competencies and Soft Skills
- Exceptional project management skills and capable of managing complex and lengthy engagements.
- Aptitude for technical writing, combined with outstanding business acumen and communication skills.
- Effective presentation skills, capable of delivering findings, risk and recommendations to stakeholders.
- Administration and/or familiarity with network and host configurations, application security, cloud security, third-party risk management and role-based access.
- Technical experience preferred, having configured, implemented and maintained enterprise cloud, networks, hosts, applications and directory services.
- Vulnerability and configuration management understanding with a variety of technologies and applications.
- Ideally, familiar with one or more regulatory requirements and laws such as, but not limited to, PCI, CMMC, FFIEC, SOX, HIPAA, GDPR, and GLBA. Additionally, experience in one or more: ISO 17799, ITIL, NIST.
- Track record of acting with integrity, taking pride in work, seeking to excel, and being curious and flexible.
- Understanding of service design, delivery concepts and control frameworks.
- A high degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism.
- Written and verbal proficiency in English and Nepali languages.
Note: The job description indicates general expected responsibilities and requirements and may be subject to revision based on Genese Solution’s evolving needs.
What We Offer
- Work in a multinational company operating in the Cloud & ICT domain, based out of the UK and operating in Australia, India, Nepal, Pakistan, and Bangladesh
- Best in class open, progressive, professional, and equal opportunity work environment
- Closely knit and supportive team members and a culture where your contributions, opinions, and diversity is welcome, respected, & encouraged
- Exposure to multi-disciplinary skill areas (including team management & leadership) in a vibrant start-up ecosystem with deep work involving world-class leaders like Amazon, Microsoft, Google, Alibaba, DigitalOcean, and Facebook
- Opportunity to travel regionally (as part of assignment/ training and development or delivery ) in Nepal, India, Pakistan, Bangladesh, or Srilanka
How to apply?
Suitable candidates meeting the above criteria are requested to send their CV and cover letter to hr@genesesolution.com
Only shortlisted candidates will be invited for the further selection process. You are requested to clearly mention the position you are applying for in the subject of the email.
OR