Implement information / IT security engagements for clients
Provide delivery expertise on information security projects. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).
Experience in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.
Identify best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their Information Security staff.
Gain understanding of key customer issues and help create proposals as required.
Build own knowledge and competency in cyber security and gain alignment and understanding of at least one industry.
Qualifications:
Degree in any discipline and/or MBA from a recognised institution; IT Degree preferred.
Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.
Good overall understanding of IT.
Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC 27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, GPIS1, etc.
Good technical knowledge on at least one of the following areas:
- Data Security, Privacy, Classification and Data Loss Protection.
- IT Disaster Recovery Planning and Business Continuity Management.
- Network security architecture, management and controls including firewall, routers, IPS etc.