SR.CONSULTANT, IT SECURITY

Job Purpose

Perform IT security compliance and monitoring efficiently, in timely manner and quality standards as per the defined policies and procedures to achieve departmental operational plans and developments within wider scope. Responsible for establishing security protocols and systems to protect a company’s data and network. They analyze existing systems to identify areas needing improvement, recommend solutions to problem areas, and suggest new tools and techniques to improve data security.

Key Accountability Areas

Security Management:

• The role requires an experienced senior consultant with expertise in a risk-based approach to
• cybersecurity. 
• The role will involve the security consulting specifically in conducting Strategic Risk Assessments and Threat and Vulnerability Assessments. It will also involve capturing company operational requirements and critical success factors, managing stakeholder engagement and running requirements and master-planning workshops with all stakeholders.
• The consultant must support the ‘win business’ process. The consultant must therefore understand other areas of expertise in the following areas:

                   - Project and programme management

                   - Risk analysis and management (quantified risk management techniques)

                   - Cyber security

• Identify and evaluate general IT-related business and technology risks, IT controls which mitigate risks, and related opportunities for improvement.
• Deliver IT advisory engagements, identify IT related financial and business risks, perform in-depth analysis of business processes, risks and controls, develop and implement controls testing work programs to provide assurance over the design and operating effectiveness of controls, draft reports and agree draft findings and improvement recommendations with client management. Security engineering and design
• Oversees, communicates, and carries out the technical implementations of solutions required for security for the objectives of the business.
• Identifies and takes action on all non-compliance areas for improvement and facilitates the development and deployment of the solutions.
• Active engagement with different stakeholders to help a company toward objective achievements through representation of the security program, support for external and internal auditing, and helping in the case of a security incident as a main contact for communication.
• Participating in company/region/unit related meetings and conferences, external-facing engagement, and industry forums associated as part of the cybersecurity program.
• Offer reporting on a regular basis on cybersecurity status across the company/region/unit of responsibility.
• Work with Information Risk Management and Compliance team for policy development and regulatory compliance.
• Act to coordinate Service Level Management for cybersecurity and assurance.

Network Security: 

• To conduct reviews on secure network designs, configurations, and security TSHOOTs
• To review network security logs quarterly for all devices
• To create network access control matrix for roles
• To create technical procedures on network security documentation
• Be part of Change management procedure for networks
• Work in coordination with operational network teams

System Security: 

• To conduct secure systems technical reviews
• Must be able to conduct role assessments on systems and its underlying function
• Must provide feedback on hardening of systems
• Identify security gaps on systems security
• Work with change management procedure

Role Accountability

HR Proficiency:

• Ability to obtain updated soft and technical skills related to the job

Delivery:

• Perform the planned activities to meet the operational and development targets as per delivery schedules.
• Utilize resources effectively to achieve objectives within efficient cost and time.
• Provide a periodic report formatted by detailing the deviation and execution of planned tasks.

Problem-Solving:

• Solve any related problems arise and escalate any complex operational issues.

Quality:

• Ensure quality requirements to develop effective quality control and processes including specifications for products or processes or related activities.

Business Process Improvement:

• Coordinate well-defined written systems, policies, procedures, and seek automations opportunities as much as possible.

Compliance:

• Comply to related policy and procedures and work instructions.

Health, Safety, and Environment:

• Ensure compliance of relevant safety, quality, and environmental management procedures and controls within defined area of work activity to guarantee safety, legislative compliance, and delivery of high-quality products/services.

Academic Qualification

Work Experience

Technical / Functional Competencies