Description
We are hiring for Information Security Consultant with one of our reputed client.
Job title: Information Security Consultant
Duration: 3-6 months
Location: Den Haag, Netherlands
Skills:
Security Strategy, Risk & Compliance position is for an experienced security professional with demonstrated consulting experience who is able to deliver strategic security advisory services and conduct comprehensive information security assessments. Consultant will also be responsible for designing security solutions, creating configuration standards, and certifying large complex security infrastructures for large enterprises accounts. The candidate will be assigned to multiple complex accounts encompassing a wide range of technical feature sets.
Candidates should be experienced information security consulting professionals with demonstrated experience performing security assessments and acting as senior security strategy advisors. Should possess proven record of IT and security thought leadership and be recognized for business as well as technical acumen by the customer set supported. It is preferred that the consultant have experience in gaping to multiple standards and frameworks including Payment Card Industry (PCI) Data Security Standard (DSS), PA-DSS, ISO, HIPAA, NIST, etc. and have experience in formulating security roadmaps to bridge existing gaps. Candidate must have demonstrated communication and presentation skills. Candidate must be a self starter and exhibit professional business conduct at all times.
Required Technical and Professional Expertise
At least 3 years of experience in information security consulting (professional services consulting for end clients)
At least 3 years of experience in interfacing at multiple levels of client management and building relationships
At least 2 years of experience in managing complex projects and using project management skills
Basic knowledge in security industry regulations/standards (PCI DSS, HIPAA, GDPR) and compliance frameworks (ISO 27002, CobiT)
Position requires a good understanding of large complex networks, network equipment, data center design, problem determination and trouble isolation, and equipment configurations
Gather and provide relevant inputs for understanding the customer requirement
Analyse gaps in current information security system and provide suggestions to be able to respond to them
Develop Security Improvement Plans
Analyse the existing security processes, policies, standards, procedures and guidelines and Remedy any known issues
Identify areas of improvement in security solutions periodically by looking at some improvements
Create and review the security procedures and provide management with updates on security aspects
Conduct security assessments, reviews and audits
Position requires a good understanding and hands on over basic network concepts like SSH, Power over Ethernet, SNMP, System Functions, DHCP/DHCP Snooping, Network Mirroring/Span Port, High availability Multi-Chassis EtherChannel. Knowledge of Layer 2: VTP, UDLD, 802.1Q trunking, Spanning Tree, Port Security, NTP, LACP etc
General Knowledge of routing protocols: BGP, OSPF, RIP, HSRP, VRRP, MHSRP, GLBP, MPLS, LDP, MP-BGP.
Detailed hands on knowledge of Stateful Firewalls, Next Gen Firewalls, IPS/IDS, Next Gen IPS, AAA, Content Filtering and Malware inspection Gateways, IPSEC VPN, SSL VPN, Encryption based solutions, failover, stateful failover, NAT/PAT, and Policy/Security.
Expected roles and responsibilities, but not restricted to the below:
Developing information security roadmaps, policies, remediation plans, security strategies.
Responsible for managing security control, performing risk assessment, incident management, vulnerability management.
Study customer network architecture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risks.
Review security status with account team on a regular basis that includes a review of risk, issue, incident and outstanding activities, current and planned changes with respect to different offshore development centres.
Evaluate security technology to customer policy & standard.
Provide security consultancy services to assist customers with IT security & architecture.
Manage a team of SMEs to implement agreed security controls.
Responsible for regulatory control implementation and audits.
Coordination with business and support group for process improvement/review.
Single point of contact for any escalation for security issues.
Improve on reporting mechanism for audit function.
Perform security assessment to validate audit finding.