PKC Advisory - Consultant - Cyber Defense/Security - Contractual

6 months Contract

Background:

Experience in Cyber Security Defense.

Responsibilities and Duties:

- The responsibilities of this role include (not limited to):

- Performing and leading VAPT/ Red Team/ Blue Team/ Phishing engagements for clients

- Ability to provide subject matter expertise on information security, infrastructure, application security etc. related requirements, understanding the requirement and assist in architecting the solutions for the clients

- Assist in designing and responding to proposals and RFP/ RFIs

- Lead/ assist/ deliver engagements maintaining high quality standards

- Maintain good client relationships and identify new opportunities

- Ability to perform/ delivering engagements remotely

- Design reports independently basis the assessments performed

- Perform quality review of the reports written by team members

- Mentor junior staff in their assigned job responsibilities and assist them during the project execution phase.

Self-Management

- Strive to achieve the highest levels of proficiency on all competencies and skills required to perform the role.

- Set self-performance goals in consultation with the Reporting Manager in the beginning of the year and ensure those goals are achieved during the course of the year.

Desired Attributes:

Process Skills

- Strong understanding of IT security standards and frameworks (OWASP/ NIST/ CIS/ ISO/IEC 17799/ ISO27001 etc.)

- Understanding of information security management systems

- Experience in developing security related policy and processes

- Experience in conducting Information security/ Cyber security reviews

- Experience in performing security risk assessment & management projects

Technical Skills

- Hands on experience on executing Vulnerability Assessment (VA) and Penetration Testing (PT) exercise

- Hands on knowledge of security assessment tools e.g. (Nessus, BurpSuite, nmap, Acunetix, Qualys, Appscan, Metasploit etc.)

- Strong understanding of security risks in networks, applications and cloud platforms.

- Skilled in performing Web Application Security reviews

- Knowledge of operating systems preferably Windows/ Linux/ UNIX (IBM IAX, Sun Solaris, HP UX etc.) and network equipments

- Strong knowledge of system and network hardening

- Knowledge of network security architecture review

- Understanding of security operations centre (SOC) framework and requirements

- Understanding of cyber analytics, security intelligence platforms and threat intelligence frameworks

- Functional knowledge of Identity & Access Management, Privileged Identity and Access Management, Data Security products such as Data Loss Prevention (DLP), Digital Rights Management (DRM), Data Base Activity Monitoring (DAM), etc is preferred

Business Requirements

- Prior consulting experience with Big 4 is preferable

- Experience of writing business proposals and response to clients RFP/ RFIs and lead identifications

- Experience of engagement delivery and client relationship management

- Proficient in MS PowerPoint, Word and Excel

Years of Experience:

- 5 - 8 years of relevant experience in the related field, preferably with a consulting firm

- Preferably delivered projects for clients (onsite or remote) in the Middle East and Africa (MENA) region

Qualifications:

- B.E./ B.Tech/ MCA/ M.Tech/ MBA degree or equivalent

- Certifications: OSCP/ CEH/ CCNA

Additional Certification CISSP/ CISA/ CISM would be desirable