Cyber Security Consultant

About the Role

Acme Services is seeking a skilled Cyber Security Consultant to join our team in Mumbai. This role is crucial for protecting our clients' digital assets and ensuring the integrity of their systems. You will be at the forefront of identifying and mitigating cyber threats, implementing robust security measures, and providing expert guidance to clients.

Key Responsibilities

• Conduct comprehensive threat and risk analyses, assessing the business impact of new and existing systems and technologies to mitigate risks and resolve performance and capacity issues.
• Implement vulnerability assessments and configure audits for operating systems, web servers, and databases to detect patterns, insecure features, and malicious activities.
• Perform research, testing, evaluation, and deployment of advanced security technologies and procedures.
• Run diagnostics on data changes to verify any undetected breaches.
• Develop custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware.
• Develop and implement robust information security standards, guidelines, and procedures.
• Design and develop firewalls to secure network infrastructure.
• Stay current with emerging intrusion methods and develop proactive protection plans. Possess an in-depth understanding of vulnerabilities, management systems, and common security applications.
• Execute counteractive protocols and report security incidents. Provide customized risk ratings for vulnerabilities based on company policies and maintain IT security controls documentation.
• Review anti-virus systems and consoles and conduct necessary software upgrades and patches.
• Demonstrate an in-depth understanding of OWASP testing methodology, Dynamic and Static Application Security Testing, re-engineering, automation, ASP.NET/JAVA, IDS/IPS systems, Burp Suite, Nmap, Nessus, Qualys, and Metasploit.
• Manage client relationships and coordinate with service providers, offering customized security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures.
• Protect client data, especially sensitive information, from both internal and external threats by designing comprehensive defenses against intruders.
• Drive daily monitoring for unusual activities, implement defensive protocols, and report incidents.
• Collaborate with the cybersecurity team to develop new protocols, layers of protection, and proactive/defensive systems to stay ahead of cyber criminals.
• Maintain security guidelines, procedures, standards, and controls documentation.
• Maintain a working knowledge of current cybercrime tactics.
• Collect data on current security measures for risk analysis and write regular systems-status reports.
• Constantly monitor for attacks and execute appropriate defensive protocols if breaches occur.
• Conduct vulnerability testing to identify weaknesses and collaborate with the cybersecurity team to update defensive protocols.
• Configure anti-virus systems, firewalls, data centers, and software updates with a security-first mindset.
• Grant credentials to authorized users, monitor access-related activities, and check for unregistered information changes.
• Lead employee training on phishing and other cyberattack forms.
• Coordinate and interface with stakeholders, including taking calls, responding to emails, and ensuring timely updates and project progress reports.
• Prepare internal and external corporate documents for team members and industry partners.
• Ensure monitoring compliance with applicable privacy laws.
• Maintain an organized filing system of paper and electronic documents.
• Uphold a strict level of confidentiality and develop and sustain professionalism among staff and clientele.
• Conduct research and prepare client presentations, information memorandums, and thought leadership documents.
• Contribute to advisory engagements as a team member, delivering quality output within assigned timelines.

Skills and Qualifications

• Degree or advanced qualification in information systems, information technology, or a related field.
• Certifications from recognized global bodies (e.g., CEH, CISSP, CCNA).
• 5+ years of experience in cybersecurity, providing consulting services to clients at a mid- to large-size business.
• Strong knowledge of IT, including hardware, software, and networks.
• A meticulous eye for detail and the ability to multitask in a fast-paced environment.

Preferred Qualifications

• Excellent verbal and written communication skills.
• Strong critical thinking, problem-solving, logic, and forensics skills.
• Ability to work successfully in both individual and team settings.
• Ability to think like a hacker to stay one step ahead.

General Skillsets

• Excellence: Demonstrates a passion for delivering quality in assigned tasks.
• Planning and Organizing: Sets priorities, defines activities, fulfills responsibilities, and plans work for timely and within-budget results.
• People Development: Seeks self-development and supports others' development within the firm.
• Teamwork: Works cooperatively, positively influences others, and ensures team participation to support firm goals.
• Communicating: Listens, understands, and communicates confidently, clearly, concisely, politely, and purposefully.