Cybersecurity Consultant

As a Cybersecurity Consultant, you will be part of a multidisciplinary team and you will work in the Digital Security division of SAI. The ideal candidate will work with stakeholders in division to identify opportunities where our digital security advisory can provide added value delivering services to clients. The team is responsible for the provision of digital security consulting services to support our customers in maintaining their business-critical activities. As a candidate you will need to have a passion for discovering new approaches, working with diverse stakeholders to improve business outcomes and sharing knowledge.The team is made of experienced and junior consultants with a mix of specialties proper to each consultant.

𝐍𝐎𝐓𝐄: 𝐎𝐩𝐞𝐧 𝐎𝐍𝐋𝐘 𝐭𝐨 𝐜𝐚𝐧𝐝𝐢𝐝𝐚𝐭𝐞𝐬 𝐫𝐞𝐬𝐢𝐝𝐢𝐧𝐠 𝐢𝐧 𝐌𝐀𝐔𝐑𝐈𝐓𝐈𝐔𝐒.
𝐓𝐡𝐢𝐬 𝐩𝐨𝐬𝐢𝐭𝐢𝐨𝐧 𝐨𝐟𝐟𝐞𝐫𝐬 𝐡𝐲𝐛𝐫𝐢𝐝 𝐰𝐨𝐫𝐤𝐢𝐧𝐠 𝐬𝐞𝐭𝐮𝐩 𝐚𝐧𝐝 𝐰𝐢𝐥𝐥 𝐫𝐞𝐪𝐮𝐢𝐫𝐞 𝐭𝐡𝐞 𝐫𝐢𝐠𝐡𝐭 𝐜𝐚𝐧𝐝𝐢𝐝𝐚𝐭𝐞 𝐭𝐨 𝐛𝐞 𝐚𝐯𝐚𝐢𝐥𝐚𝐛𝐥𝐞 𝐝𝐮𝐫𝐢𝐧𝐠 𝐂𝐄𝐓 𝐭𝐨 𝐬𝐮𝐩𝐩𝐨𝐫𝐭 𝐨𝐮𝐫 𝐄𝐔 𝐜𝐥𝐢𝐞𝐧𝐭𝐬.

Responsibilities

• Design, implementation and maintenance of Information Security, Cybersecurity and Data Protection Management Systems based on relevant standards and regulations (e.g. ISO/IEC 27001, ISO/SAE 21434, SOX, GDPR, Cookies guidelines, ...)

• Support to achieve Compliance with Security and Personal Data protection standards and regulations

• Design of information Security policies, guidelines, processes and procedures

• Development of Information Security awareness and training initiatives (e.g. training and awareness programs, Security events, crisis and cyber incidents simulations, ...)

• Information Security project management by interacting with customers from a variety of work realities, from the automotive industry to the banking sector.

• Recommend industry best practices for vulnerability and threat management remediation.

• Work with internal customers to determine their need for security assessments, present and explain the employed methodology, and support them with feedback and verification during mitigation.

• Implementing secure SDLC, secure coding and security by design best practices

• Conduct static and dynamic analysis (SAST/DAST) on a variety of code bases and platforms.

• Through standard enterprise tools, discover security vulnerabilities in web and mobile applications and provide recommended remediation steps to developers.

• Enforce smart CI/CD security tooling (SAST, dependencies checker)

• Identify vulnerability in the source code and design of our products

• Fix vulnerabilities or support development team on fixing

• Develop training on secure coding techniques and security awareness for technical staff (e.g., software developers).

Qualifications

• 5 years’ experience delivering information security and infrastructure security reviews, risk and vulnerability management, technical system security configuration review

• Security qualification(s) such as CISSP, CISM, CEH, CISA, SSCP, ISO 27001, IT/ Computing Certifications (Cisco, Microsoft, Oracle, etc)

• Knowledge and application of information security frameworks and methodologies (e.g. NIST, ISO 27001, Data Protection, CIS Controls, OWASP) and other information security frameworks

• Successful track record in working in complex environments and large complex projects

• Advanced understanding of security protocols, cryptography, and security

• Strong analytical and problem-solving skills

• Knowledge of Agile process and principles

• Customer service orientated with good problem solving and analytical skills and the ability to communicate effectively at all levels

Desirable

• Experience implementing multi-factor authentication

• Experience implementing security solutions

• A well developed, practical understanding of Google Workspace solution

• A well developed, practical understanding of SaaS technologies

• Competence in Project Management best practices