CyberSecurity Consultant

Описание вакансии

Avertium is seeking a Cybersecurity Consultant for the Acceleration & Optimization team with a focus on Microsoft Cloud. You should be security focused with emphasis on Microsoft cloud infrastructure and applications. The ability to develop and deliver reports, presentations, diagrams and creating implementation/integration plans and programs is a must. Subject matter expertise in one or multiple cloud platforms and solutions is required. You should be self-disciplined and able to work on individual tasks, sometimes without clear requirements, and to work well in a remote team environment. This role requires the ability to lead various architecture and integration projects, frequently serving in a consultative role, evaluate the client’s business challenges, and applying key technical prowess and industry best practices to provide security minded innovative and cost-effective solutions.

Responsibilities:

• Security strategy development: Collaborate with clients to develop and implement effective cybersecurity strategies. Define security frameworks, policies, and roadmaps aligned with clients' business objectives, risk appetite, and industry best practices.
• Security controls implementation: Design and implement advanced security controls and technologies based on industry standards and regulatory requirements. This may involve configuring and integrating various security tools, such as SIEM, DLP, IDS/IPS, and endpoint protection systems.
• Security architecture design: Provide expertise in designing secure systems, networks, and cloud environments. Develop security architectures that align with industry best practices, regulatory requirements, and clients' specific needs. Assess and recommend security controls for new technology implementations.
• Project management: Lead and manage complex cybersecurity projects, ensuring projects are delivered on time, within budget, and meet quality standards.
• Client relationship management: Develop and maintain strong client relationships. Act as a trusted advisor, provide timely and effective communication, and address client concerns or escalations.
• Research and thought leadership: Stay updated on the latest cybersecurity trends, emerging threats, and technologies. Conduct research and contribute to thought leadership initiatives, such as whitepapers, industry presentations, and internal training sessions.

Qualifications:

• Bachelor's or master’s degree in computer science, Information Security, or a related field.
• 5+ years of experience in cybersecurity, IT audit, or a related role, with progressively increasing responsibilities.
• In-depth knowledge of cybersecurity principles, technologies, and best practices.
• Proficiency in network and system security concepts, including secure architecture design and/or secure coding practices.
• Project management skills, with the ability to lead and execute multiple projects simultaneously.
• Excellent communication and interpersonal skills, with the ability to effectively communicate complex concepts to technical and non-technical stakeholders.
• Strong problem-solving and analytical abilities.
• Ability to apply industry standards and best practices (such as CIS, NIST, PCI, HIPAA, etc) in the areas of IT, Network, Cloud, and Enterprise Architecture.
• Experience with emphasis in information security (INFOSEC), Cybersecurity, Data Security, Network Security, or other related areas.
• Applicant is required to have Skills and Experience in one or more of each of the following categories:
• Cloud Architecture and Engineering
• Microsoft Azure
• Microsoft 365
• Amazon Web Services (AWS)
• Google Cloud Platform (GCP)
• Microsoft Cloud Platform
• Microsoft Defender XDR
• Microsoft Defender for Cloud
• Microsoft Sentinel
• Microsoft Security Center
• Microsoft Purview
• Microsoft Priva
• Microsoft Intune
• Microsoft Entra
• Microsoft SharePoint
• Security Oriented Solution Management/Integration
• Cloud Access Security Broker (CASB)
• Identity & Access Management (IAM)
• Privileged Access Management (PAM)
• Privileged Identity Management (PIM)
• Security Information and Event Management (SIEM)
• Web Application Firewalls (WAF)
• Security Orchestration, Automation, and Response (SOAR)
• DevOps, Integration & Automation
• Coding/Scripting (Multiple platforms)
• DevSecOps / SecDevOps
• Infrastructure as Code (IaC)
• CloudFormation
• ARM Templates
• Jenkins
• GitHub
• REST/SOAP APIs
• Data Management/Analysis
• Elasticsearch, Logstash, Kibana (ELK Stack)
• NoSQL
• SQL
• Data Warehouse
• Data Lake
• #LI-CS1