Job Description
Are you an expert in information security, ready to take on exciting and challenging projects? Our esteemed client, a reputable organization in Sydney, is seeking a highly skilled Information Security Consultant to join their team on a contract basis. If you are passionate about safeguarding data and ensuring the confidentiality, integrity, and availability of information assets, this opportunity is perfect for you.
As an Information Security Consultant, you will be responsible for providing expert guidance and support in implementing and maintaining robust security measures to protect the organization's critical information systems and data. You will work closely with clients, analyzing their security needs, identifying vulnerabilities, and developing effective strategies to mitigate risks.
Responsibilities:
Security Assessments: Conduct comprehensive security assessments to identify vulnerabilities and assess the effectiveness of existing controls. This includes performing penetration testing, vulnerability scanning, and risk assessments to evaluate the security posture of systems, networks, and applications.
Security Architecture Design: Collaborate with clients to design and implement secure information systems. Develop security architecture plans, including network segmentation, access controls, encryption protocols, and intrusion detection systems, to ensure the confidentiality, integrity, and availability of data.
Risk Management: Identify potential security risks and develop strategies to mitigate them. Assist clients in establishing risk management frameworks, defining security policies and procedures, and conducting security awareness training for employees.
Incident Response and Forensics: Develop and implement incident response plans to address security incidents effectively. Conduct digital forensics investigations to determine the cause and impact of security breaches and provide recommendations for remediation.
Security Governance and Compliance: Ensure compliance with industry standards and regulatory requirements, such as ISO 27001, GDPR, and PCI DSS. Assist clients in establishing governance frameworks and conducting regular security audits to maintain compliance.
Security Awareness and Training: Develop and deliver training programs to educate employees on security best practices, policies, and procedures. Foster a culture of security awareness and promote the importance of cybersecurity throughout the organization.
Security Incident Monitoring and Management: Monitor security systems, logs, and alerts to detect and respond to security incidents promptly. Investigate and analyze security events, coordinating with relevant stakeholders to mitigate risks and minimize the impact of incidents.
Skills and Requirements:
In-depth knowledge of information security principles, best practices, and industry standards.
Proven experience in conducting security assessments, penetration testing, and vulnerability management.
Strong understanding of network security, encryption protocols, access controls, and identity and access management.
Familiarity with security frameworks and compliance requirements (e.g., ISO 27001, NIST, GDPR).
Proficiency in using security tools and technologies, such as SIEM, IDS/IPS, firewalls, and vulnerability scanning tools.
Experience in incident response, digital forensics, and security incident management.
Strong analytical and problem-solving skills to identify security risks and develop effective solutions.
Excellent communication skills to convey complex security concepts to technical and non-technical stakeholders.
Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desirable.
Proven ability to work independently, manage multiple projects, and meet deadlines.
If you are a passionate and skilled Information Security Consultant looking for an exciting contract opportunity in Sydney, this role offers a challenging and rewarding environment to showcase your expertise. Apply now with your updated resume, highlighting your relevant experience, technical skills, and certifications. Join our client's team and contribute to safeguarding valuable information assets and protecting against evolving cyber threats.