Role Purpose:
We are seeking a highly skilled and experienced Senior Security Consultant to join our team. This role requires balanced expertise in Security Governance, Technology Risk, and Compliance (GRC), as well as technical proficiency in the Microsoft Security Stack and Vulnerability Assessment, including application security testing.
Key Responsibilities:
Governance, Risk, and Compliance (GRC) - 50%:
- Develop, implement, and maintain security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.
- Conduct risk assessments and audits to identify potential security threats and vulnerabilities.
- Collaborate with stakeholders to ensure security measures align with business objectives and regulatory requirements.
- Provide guidance and support for security governance, risk management, and compliance initiatives.
- Produce detailed reports, dashboards, and executive summaries for all security initiatives and operations, showing how KPIs are met.
Technical Expertise - 50%:
Microsoft Security Stack:
- Design, implement, and manage security solutions using Microsoft Security products such as Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), Microsoft Defender, and other related tools.
- Configure and optimize security settings to protect sensitive data and ensure compliance with security policies.
- Monitor and respond to security incidents using Microsoft Security tools and platforms.
- Provide technical support and guidance for the deployment and maintenance of Microsoft Security solutions.
Vulnerability Assessment and Application Security Testing:
- Conduct vulnerability assessments to identify and remediate security weaknesses in applications and systems.
- Perform application security testing to ensure the integrity and security of software applications.
- Develop and implement strategies for continuous improvement of security posture through regular assessments and testing.
- Collaborate with development teams to integrate security best practices into the software development lifecycle.
- Provide recommendations for mitigating security risks and improving overall security posture.
Qualifications:
- Bachelor's degree in Computer Science, or equivalent education (formal or informal) in a related field, preferred.
- Minimum of 7 – 9 years of experience in security, with a focus on GRC and any of the technical security areas listed above.
- Strong knowledge of Microsoft Security products and vulnerability assessment methodologies.
- Excellent analytical, problem-solving, and communication skills.
- Relevant certifications such as CISSP, CISM, CEH, or equivalent are preferred.